A method and system determine network based access to restricted systems. The method includes receiving a request for a permission access status of a party seeking access to one of the restricted systems. A database of periodically updated lists of entities is accessed. A name of the party is extracted from the request. A determination is made whether the name does not match one of the entities. The name is decomposed into parts if the name not matching one of the entities. A determination is made whether any of the parts of the name matches one of the entities. A denial of access status is forwarded from the computer server to an external computing device if any of the parts of the name matches one of the entities.