CN102567466B - Information processing device and information processing method - Google Patents

Information processing device and information processing method Download PDF

Info

Publication number
CN102567466B
CN102567466B CN201110393360.9A CN201110393360A CN102567466B CN 102567466 B CN102567466 B CN 102567466B CN 201110393360 A CN201110393360 A CN 201110393360A CN 102567466 B CN102567466 B CN 102567466B
Authority
CN
China
Prior art keywords
data acquisition
relay
access
control
record
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201110393360.9A
Other languages
Chinese (zh)
Other versions
CN102567466A (en
Inventor
村田充昭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Canon IT Solutions Inc
Original Assignee
Canon IT Solutions Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from JP2011216742A external-priority patent/JP5234683B2/en
Application filed by Canon IT Solutions Inc filed Critical Canon IT Solutions Inc
Publication of CN102567466A publication Critical patent/CN102567466A/en
Application granted granted Critical
Publication of CN102567466B publication Critical patent/CN102567466B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention provides an information processing device and information processing method. By using the device and the method, a monitor managing the visit of a reader to WEB sites can manage access logs efficiently. The information processing device realizes relay control of a data acquisition request sent from a terminal device to a WEB server. It is characterized in that in a condition that the data acquisition request contains acquisition request source URL, the information processing device calculates a time different of the time of sending the data acquisition request and a time of sending the data acquisition request to the acquisition request source URL. If the calculated time difference is within a predetermined time, accesses related to the data acquisition request is not transmitted.

Description

Signal conditioning package and information processing method
Technical field
The present invention relates to the administrative skill of the end device of the internal network record relevant to the relay and control of the communication between the server unit on the external networks such as the Internet.
Background technology
Along with the development of network technology, can be very easy and carry out the mutual of information efficiently.Such as, can not be time-consuming and troublesomely the data used in meeting be not attached to Email and send to participator in advance.
But such network technology is flourishing and easily carry out the reverse side of information interaction, important confidential information flows out to outside danger simply, flow into the danger of the harmful informations such as computer virus from outside uprises.
Therefore, in enterprise etc., the countermeasure of forbidding to the server access providing the information not having direct relation with business etc. is taken.
Such as, import the equipment of Control on Communication and the url filtering carrying out forbidding for the access of specific URL, request for the URL be not licensed for access to is not forwarded to the external server of the information resources providing this URL to represent, thus makes to access the information resources that this URL represents.
When carrying out url filtering, making the list of URL of permits access and white list, the list of URL of disable access and blacklist, carrying out the control for them.That is, control as follows: for the request for the URL registered in white list, its communication of relaying, for the request for the URL registered in blacklist, not its communication of relaying.
Such as, in patent documentation 1, disclose following structure: when there is reading requirement from user to the WEB website that addition of reading restriction, supervisory person is notified to the record read.
[patent documentation 1] Japanese Unexamined Patent Publication 2008-234332 publication
Summary of the invention
But, if all notified for the Visitor Logs for the confined WEB website of reading, then cause needs to notify very a large amount of records.
Particularly, the URL being not only user and specifying, but also accessed by multiple URL and form in the website of page entirety, sometimes specify the file acquisition such as image, animation destination by other URL.Under these circumstances, under such circumstances, cause needing to notify a large amount of regulation daily records (log) in " although the licensed reading of URL itself that user specifies; for the URL as file acquisition destinations such as the image linked from here, animations; become the object of reading restriction ".
Because such access for image, animation is not the access that reviewer deliberately (intentional) is carried out, so such Visitor Logs is not limit useful record to the reading be applicable to.
Therefore, produce following bothersome: supervisory person, in order to carry out the restrict access be applicable to, from a large amount of daily records, must extract the daily record that user deliberately (intentional) accesses out.
Therefore, the object of the present invention is to provide a kind of structure that can manage access log to reviewer to the supervisory person that the access of WEB website manages efficiently.
The invention provides a kind of signal conditioning package, it is characterized in that, possess: acquiring unit, obtain data acquisition requirement WEB server sent from end device; With reference to source judging unit, judge in the data acquisition obtained by described acquiring unit requires, whether comprise the reference origin url of this data acquisition requirement; And notification unit, can notify definitely to be judged as not comprising the data acquisition requirement from described end device with reference to origin url with reference to source judging unit by described to supervisory person.
In addition, the invention provides a kind of information processing method, it is characterized in that, possess: obtain operation, the acquiring unit of signal conditioning package obtains the data acquisition requirement sent WEB server from end device; Judge operation with reference to source, the reference source judging unit of described signal conditioning package judges, in the data acquisition obtained by described acquisition operation is required, whether to comprise the reference origin url of this data acquisition requirement; And notice operation, the notification unit of described signal conditioning package can notify to judge that operation is judged as not comprising the data acquisition requirement from described end device with reference to origin url by described with reference to source to supervisory person definitely.
According to the present invention, access log can be managed efficiently to the supervisory person that reviewer manages to the access of WEB website.
Accompanying drawing explanation
Fig. 1 is the figure of an example of the structure that information handling system of the present invention is shown.
Fig. 2 is the figure of an example of the hardware configuration that the signal conditioning package that the proxy server 101 as Fig. 1 can be suitable for is shown.
Fig. 3 is the process flow diagram that access control process in the 1st and the 2nd embodiment, that performed by proxy server 101 is shown.
Fig. 4 is the figure of the example that access rule table is shown.
Fig. 5 is the figure of the example that access log table is shown.
Fig. 6 is the figure of the flow process of the respective process of the client computer PC102 illustrated in the present invention, proxy server 101, WEB server 105.
Fig. 7 is the figure of the flow process of the respective process of the client computer PC102 illustrated in the present invention, proxy server 101, WEB server 105.
Fig. 8 illustrates process flow diagram that performed by proxy server 101 in the 1st embodiment, that access log is shown in the process in client computer PC.
Fig. 9 is the figure of the example that the condition setting screen shown in client computer PC102 in the 1st embodiment is shown.
Figure 10 is the figure of the example that the access log display frame shown in client computer PC102 in step S803, step S1303 is shown.
Figure 11 is the figure of the example that the access log display frame shown in client computer PC102 in the 1st embodiment (step S811), the 4th embodiment is shown.
Figure 12 is the block diagram of the functional structure that proxy server 101 is shown.
Figure 13 illustrates process flow diagram that performed by proxy server 101 in the 2nd embodiment, that access log is shown in the process in client computer PC.
Figure 14 is the figure of the example that the access log display frame shown in client computer PC102 in the 2nd embodiment (step S1309), the 3rd embodiment is shown.
Figure 15 is the process flow diagram that performed by proxy server 101 in the 3rd embodiment, access control process and access log registration process is shown.
Figure 16 is the process flow diagram of the registration process that access control process and the access log performed by proxy server 101 in the 4th embodiment is shown.
Figure 17 is the figure of the structure that HTTP request data are shown.
Figure 18 is the figure that the access log of registering in step S1508 is shown.
Figure 19 is the figure that the access log of registering in step S1609 is shown.
Figure 20 is the table of the threshold value registered in step S1608 as judgment standard.
Figure 21 is the figure of an example of the picture that the threshold value of setting shown in Figure 20 is shown.
Figure 22 illustrates that proxy server 101 couples of client computer PC102 send the process flow diagram of the process of access log in the 3rd, the 4th embodiment.
Figure 23 is the figure of an example of the search condition setting screen illustrated in the 3rd, the 4th embodiment.
(symbol description)
101: proxy server; 102: client terminal; 103:LAN; 104: Wide Area Network; 105:WEB server.
Embodiment
Below, with reference to accompanying drawing, describe embodiments of the present invention in detail.
Fig. 1 is the figure of an example of the system architecture that information handling system of the present invention is shown.
As shown in Figure 1, the information handling system of present embodiment possess proxy server 101, client computer PC102-1 to 102-3 (after, be generically and collectively referred to as " client computer PC102 "), LAN103, Wide Area Network 104, WEB server 105-1 to 105-3 (after, be generically and collectively referred to as " WEB server 105 ").
Below, each device forming information handling system of the present invention is described.
Proxy server 101 is the devices playing function as signal conditioning package of the present invention, carries out relaying to the data communication between client computer PC102 and WEB server 105.In addition, proxy server 101 has following function: according to for data mutual between client computer PC102 and WEB server 105, the relay and control that the relaying of license (relaying) or refusal (not relaying) these data is such is regular, carries out the Control on Communication of data.
In addition, there is the function storing the daily record relevant to the Control on Communication of data.
Client computer PC102 is the end device that the user of the various services (reading etc. of homepage) utilizing WEB server 105 to provide uses.In addition, there is the function showing and control relevant daily record to the data communication stored in proxy server 101.
LAN103 is with can the network that connects of the mode of data communication mutually by proxy server 101, client computer PC102.
WEB server 105 is by the server unit providing the service provider of various WEB service to arrange.As the service provided at this, such as, there is the subscription services etc. in the sale service of the Reading Service of homepage, commodity, plane ticket, hotel etc., but be not limited thereto.
Proxy server 101 can be connected to data communication via the Wide Area Networks such as the Internet 104 mutually with WEB server 105.
It is more than the explanation of an example of information handling system structure of the present invention.
Below, use Fig. 2, an example of the hardware configuration of the signal conditioning package that can be applicable to the proxy server 101 shown in Fig. 1 is described.
In fig. 2,201 is CPU, controls each equipment, the controller that are connected with system bus 204 generally.In addition, in ROM203 or external memory storage 211, store control program and BIOS (the Basic Input/Output System of CPU201, Basic Input or Output System (BIOS)), operating system program (following, OS), in order to realize function that each server or each PC perform and required various programs etc.
202 is RAM, and primary memory, workspace etc. as CPU201 play function.CPU201 by being loaded into RAM202 by the required program etc. when performing process from ROM203 or external memory storage 211, and performs this program be loaded with, and realizes various action thus.
In addition, 205 is input control devices, controls the input from input media 209 grade.206 is Video Controllers, controls the display to the display equipments such as liquid crystal display 210.In addition, display equipment is not limited to liquid crystal display, also can be CRT monitor etc.Also can be the display that client computer uses as required.
207 is Memory Controllers, controls to the hard disk (HD) storing boot, various application program, character font data, user file, editing files, various data etc., floppy disk (FD) or the access of the external memory storage 211 such as compact flash (registered trademark) storer being connected to pcmcia card groove via adapter.
208 is communication I/F controllers, is connected/communicates, perform the Control on Communication process in network via network (such as, the LAN104 shown in Fig. 1) with external unit.Such as, the communication etc. employing TCP/IP can be carried out.
In addition, CPU201, by performing to the process of the display information in such as RAM202 with regional implementation (rasterisation) cutline font, makes it possible to realize the display on display equipment 210.In addition, CPU201 makes it possible to realize user's instruction by the not shown cursor of mouse etc. on display equipment 210.
On hardware, the various programs of action are recorded in external memory storage 211, perform by being loaded into cause CPU201 in RAM202 as required.
Next, use Fig. 3, the access control process that proxy server 101 carries out in the of the present invention 1st and the 2nd embodiment is described.
In addition, about Fig. 3 process flow diagram shown in process, be that the CPU201 of proxy server 101 reads the control program of regulation and the process that performs.
In step S301, the CPU201 of proxy server 101 obtains the URL becoming access destination from the HTTP request data sent from client computer PC102.
In step s 302, the CPU201 of proxy server 101 judges whether the access destination URL obtained in step S301 is present in access rule table (Fig. 4).That is, for this access destination URL, judge to be suitable for which access rule.
When being judged to be present in access rule table (step S302: "Yes"), process is made to transfer to step S303.
On the other hand, when being judged to not to be present in access rule table (step S302: "No"), process is made to transfer to step S306.
In step S303, the CPU201 of proxy server 101, for the access rule being judged in step s 302 to be suitable for, judges its action whether as disable access (disapproving data relay).
When being judged to be permits access in step S303 (step S303: license), process is made to transfer to step S306.
On the other hand, when being judged to be disable access in step S303 (step S303: forbid), process is made to transfer to step S304.
In step s 304, the CPU201 of proxy server 101 by the outcome record of the forbidden meaning of the access for URL that sends from client computer PC in access log sheet (Fig. 5).
Now, in access log table, not only record the result (rules results) of accessing the forbidden meaning, but also record from client computer PC102 have sent HTTP request data moment (access moment), identify the information (IP address etc.) (Client IP address), access destination URL etc. that have sent the client computer PC of HTTP request data.
In addition, when the HTTP request data sent from client computer PC102 comprise " RefererURL (with reference to origin url) ", also this RefererURL is recorded in the lump.
In step S305, the CPU201 of proxy server 101 sends the http response data of the result representing the forbidden meaning of access to the client computer PC102 as request source.
Then, the process shown in process ends figure.
The process of the situation beyond " forbidding " that to be the access destination URL situation that do not meet access rule sent from client computer PC102 in step s 302 or the action set the access rule met after step S306 be.
In step S306, the CPU201 of proxy server 101 conducts interviews to the WEB server 105 that the access destination URL obtained in step S301 represents.
In step S307, the CPU201 of proxy server 101 by the outcome record of the meaning licensed for the access of URL that sends from client computer PC in access log sheet (Fig. 5).Now, in the same manner as the process in step S304, to access log table, also record and have sent the moment (access moment) of HTTP request data, the IP address (Client IP address) that have sent the client computer PC of HTTP request data, access destination URL from client computer PC102.
In addition, when the HTTP request data sent from client computer PC102 comprise " RefererURL ", also this RefererURL is recorded in the lump.
In step S308, the CPU201 of proxy server 101 obtains response data from WEB server 105, and this response data is sent to the client computer PC102 as request source.
Then, the process shown in process ends figure.
In addition, in the present embodiment, be configured to for the access of URL not having to set in access rule table, permits access, but also can be configured to process by default and be set as that access is forbidden, and process according to its setting.
By above process, can in proxy server 101 perform, carry out record for the process of the HTTP request data sent from client computer PC102.
Next, use Fig. 6, the flow process of the process that the client computer PC102 in the of the present invention 1st and the 2nd embodiment, proxy server 101, WEB server 105 are respective is described.
In addition, in figure 6, the process of " accessed by multiple URL and form page entirety, for the URL specified by user itself, access licensed, but for the URL of the file acquisition destination as the image linked from here, access forbidden situation " is described.
In step s 601, from client computer PC102, HTTP request data (being equivalent to the step S301 Fig. 3) are sent to proxy server 101.In the example shown in Fig. 6, the HTTP request data (access destination URL) sent from client computer PC102 are " http://example.com/index.html ".
Then, in step S602, proxy server 101 obtains the HTTP request data sent in step s 601, could relaying (being equivalent to the step S302 of Fig. 3, S303) based on these data of access rule list deciding.
In the example shown in Fig. 6, the access destination URL sent from client computer PC102 is " http://example.com/index.html ", so meet the rule ID in access rule table: 3 (" http://example.com/ *").Therefore, the action of this rule is " license ", so in step S602, from the relaying licensed (being equivalent to the step S303 of Fig. 3: license) of the data that client computer PC102 sends.
In step S603, the WEB server 105 that proxy server 101 represents to " http://example.com/index.html " conducts interviews.Then, in step s 604, the response data of the access for step S603 is sent to proxy server 101 by WEB server 105, and proxy server 101 obtains this response data (being equivalent to the step S306 of Fig. 3).
In step s 605, the meaning licensed for the access for " http://example.com/index.html " is recorded in access log table and (is equivalent to the step S307 of Fig. 3) by proxy server 101.In addition, the access log recorded in step s 605 is equivalent to the daily record shown in " daily record ID:3 " of the access log table shown in Fig. 5.
In step S606, the response data obtained from WEB server 105 is sent to client computer PC102 (being equivalent to the step S308 of Fig. 3) by proxy server 101.
Then, in client computer PC102, the response data sent from proxy server 101 in step S606 is resolved, obtain the URL of the acquisition destination as view data comprised in WEB page.In addition, in the example shown in Fig. 6, response data to be resolved and the URL obtained is " http://bbs.example.com/image.png ".
In step S607, with the HTTP request data that obtained URL (http://bbs.example.com/image.png) is access destination, be sent to proxy server 101 (being equivalent to the step S301 of Fig. 3) from client computer PC102.Now, HTTP request data have " the http://example.com/index.html " of the URL of the WEB page as linked source as RefererURL.
Then, in step S608, proxy server 101 obtains the HTTP request data sent in step S607, could relaying (being equivalent to the step S302 of Fig. 3, S303) based on these data of access rule list deciding.
In the example shown in Fig. 6, the access destination URL sent from client computer PC102 is " http://bbs.example.com/image.png ", so meet the rule ID in access rule table: 1 (" http://bbs.example.com/ *").Therefore, the action of this rule is " forbidding ", so in step S608, does not carry out the relaying (being equivalent to the step S303 of Fig. 3: forbid) of the data sent from client computer PC.
In step S609, the forbidden meaning of access for " http://bbs.example.com/image.png " is recorded in access log table and (is equivalent to the step S30304 of Fig. 3) by proxy server 101.In addition, now, in access log table, " the http://example.com/index.html " as RefererURL is recorded in the lump.In addition, the daily record of recording in step S609 is equivalent to the daily record shown in " daily record ID:4 " of the access log table shown in Fig. 5.
Then, in step S610, from proxy server 101 couples of client computer PC102, send the information (being equivalent to the step S305 of Fig. 3) of the forbidden meaning of access.
Next, use Fig. 7, for the situation that the access to independently 2 WEB page is all denied access, the flow process of the process that client computer PC102, proxy server 101, WEB server 105 perform respectively is described.
In step s 701, from client computer PC102, HTTP request data (being equivalent to the step S301 Fig. 3) are sent to proxy server 101.In the example shown in Fig. 7, suppose that the HTTP request data (access destination URL) sent from client computer PC102 are " http://bbs.example.com/index.html ".
Then, in step S702, proxy server 101 obtains the HTTP request data sent in step s 701, could relaying (being equivalent to the step S302 of Fig. 3, S303) based on these data of access rule list deciding.
In the example shown in Fig. 7, the access destination URL sent from client computer PC102 is " http://bbs.example.com/index.html ", so meet the rule ID in access rule table: 1 (" http://bbs.example.com/ *").Therefore, the action of this rule is " forbidding ", so in step S702, does not carry out the relaying (being equivalent to the step S303 of Fig. 3: forbid) of the data sent from client computer PC102.
In step S703, the forbidden meaning of access for " http://bbs.example.com/index.html " is recorded in access log table and (is equivalent to the step S30304 of Fig. 3) by proxy server 101.In addition, the daily record of recording in step S703 is equivalent to the daily record shown in " daily record ID:1 " of the access log table shown in Fig. 5.
Then, in step S704, from proxy server 101 couples of client computer PC102, send the information (being equivalent to the step S305 of Fig. 3) of the forbidden meaning of access.
In step S705, from client computer PC102, HTTP request data (being equivalent to the step S301 Fig. 3) are sent to proxy server 101.In the example shown in Fig. 7, suppose that the HTTP request data (access destination URL) sent from client computer PC102 are " http://bbs.example.com/main.html ".
Then, in step S706, proxy server 101 obtains the HTTP request data sent in step S705, could relaying (being equivalent to the step S302 of Fig. 3, S303) based on these data of access rule list deciding.
In the example shown in Fig. 7, the access destination URL sent from client computer PC102 is " http://bbs.example.com/main.html ", so meet the rule ID in access rule table: 1 (" http://bbs.example.com/ *").Therefore, the action of this rule is " forbidding ", so in step S706, does not carry out the relaying (being equivalent to the step S303 of Fig. 3: forbid) of the data sent from client computer PC102.
In step S707, the forbidden meaning of access for " http://bbs.example.com/main.html " is recorded in access log table and (is equivalent to the step S30304 of Fig. 3) by proxy server 101.In addition, the daily record of recording in step S707 is equivalent to the daily record shown in " daily record ID:2 " of the access log table shown in Fig. 5.Now, in the HTTP request data sent in step S705, there is no RefererURL, so do not record RefererURL in access log table yet.
Then, in step S708, from proxy server 101 couples of client computer PC102, send the information (being equivalent to the step S305 of Fig. 3) of the forbidden meaning of access.
Next, use Fig. 8, illustrate proxy server 101 in the 1st embodiment of the present invention by the access log recorded in access log table, access the process of forbidden journal displaying in client computer PC102.
In addition, about Fig. 8 process flow diagram shown in process, be that the CPU201 of proxy server 101 reads the control program of regulation and the process that performs.
In step S801, the CPU201 of proxy server 101 accepts the interview from user the setting of search condition of daily record.
In addition, for the setting of search condition, be accept via the search condition setting screen (Fig. 9) shown in client computer PC102.
Herein, the search condition setting screen of an example shown in Figure 9 is described.
In the picture shown in Fig. 9, as the search condition of retrieval access log, the setting of the moment condition (period, time range) in the moment that can conduct interviews, the ON/OFF of " automatically getting rid of parsing " and " automatically get rid of parsing time ".
When " automatically getting rid of parsing " is OFF, become display object according to all access logs that moment conditional information retrieval goes out.
When " automatically getting rid of parsing " is ON, according in the access log that moment conditional information retrieval goes out, the daily record of not recording RefererURL and have recorded and become display object from accessed daily record after have passed through time that use " automatically gets rid of the parsing time " and set to the access moment of this RefererURL in the daily record of RefererURL.In addition, for automatically getting rid of the parsing time, can be set arbitrarily by user.
In the example shown in Fig. 9, show and retrieve during the access moment of recording in access log table is " 28, on October of (gold) ~ 2010 on October 1 (wood) in 2010 ", the example of the daily record of " when 00 00 point ~ 24 time 00 point " (all day).
In addition, ON (choice box is selected) owing to automatically getting rid of parsing, so as mentioned above, based in the access log that moment conditional information retrieval goes out, the daily record of not recording RefererURL and have recorded and become display object from have passed through accessed daily record afterwards in 10 seconds more than to the access moment of this RefererURL in the daily record of RefererURL.
In step S802, the CPU201 of proxy server 101 judges to get rid of to resolve whether be set to ON (whether having beaten " √ " mark in choice box) in the condition set in step S801, automatically.
When being set to OFF (step S802: " OFF "), process is made to transfer to step S803.
When being set to ON (step S803: " ON "), process is made to transfer to step S804.
In step S803, the CPU201 of proxy server 101 in order to all disable access daily records (rules results is registered as the access log forbidden) gone out according to the moment conditional information retrieval set in step S801 be shown in client computer PC102, and is sent to client computer PC102.
In step S804, the CPU201 of proxy server 101 reads in the initial access log in the access log recorded in access log table.
In step S805, the CPU201 of proxy server 101 judges that whether " rules results " of the access log read in step S804 be for forbidding.
Forbid if the judgment is Yes (step S805: "Yes"), then make process transfer to step S806.
If be judged as it not being forbid (step S805: "No"), then process is made to transfer to step S812.That is, this access log is excluded from display object.
In step S806, the CPU201 of proxy server 101 judges whether the access moment of the access log read in step S804 meets the moment condition set in step S801.That is, in the example of figure 9, during judging whether the access moment of this access log be " 28, on October of (gold) ~ 2010 on October 1 (wood) in 2010 ".
When being judged as meeting moment condition (step S806: "Yes"), process is made to transfer to step S807.
When being judged as not meeting moment condition (step S806: "No"), process is made to transfer to step S812.That is, this access log is excluded from display object.
In step S807, judge whether the HTTP pattern of the access log read in step S804 is GET pattern.
GET pattern (step S807: "Yes"), then make process transfer to step S808 if the judgment is Yes.
If be judged as it not being GET pattern (step S807: "No"), then process is made to transfer to step S811.That is, this access log is shown in client computer PC102 as display object.
In step S808, the CPU201 of proxy server 101 judges whether record RefererURL in the access log read in step S804.
When being judged as recording RefererURL (step S808: "Yes"), process is made to transfer to step S809.
When being judged as not recording RefererURL (step S808: "No"), process is made to transfer to step S811.That is, this access log is shown in client computer PC102 as display object.
In step S809, the CPU201 of proxy server 101 obtains following access log, and this access log is with the access log that the access for the RefererURL recorded in the access log read in step S804 is correlated with and is the access log that have recorded the Client IP address identical with " Client IP address " of the access log read in step S804.
In addition, in the present embodiment, in the judgement of homogeneity, employ the IP address of the client computer PC of access originator, but be not limited thereto, also can judge homogeneity by other benchmark.
In step S810, the CPU201 of proxy server 101 judges whether the access moment of the access log read in step S804 is when have passed through the automatic eliminating parsing time set in step S801 from the access moment (the access moment to RefererURL) of the access log obtained in step S809.That is, judge whether to the access relevant in the access log read in step S804 be from have passed through the access automatically got rid of after the parsing time to the access of RefererURL.
When being judged as YES the access from have passed through to the access of RefererURL after the automatic eliminating parsing time (step S810: "Yes"), process is made to transfer to step S811.That is, this access log is shown in client computer PC102 as display object.
When be judged as YES to the access of RefererURL through automatically getting rid of the access before the parsing time (step S810: "No"), make process transfer to step S812.That is, this access log is excluded from display object.
In step S811, the CPU201 of proxy server 101, in order to be shown in client computer PC102 by the access log read in step S804, is sent to client computer PC102.
In step S812, the CPU201 of proxy server 101 judges that whether the access log that reads in step S804 is the last access log in the access log recorded in access log table.
Access log (step S812: "Yes") last if the judgment is Yes, then the process shown in process ends figure.
If be judged as it not being last access log (step S812: "No"), then make process transfer to step S804, ensuing access log is read in 1 row.
By above process, only the daily record that user's (reviewer) intentionally accesses can be informed to supervisory person.Thereby, it is possible to carry out the log management be applicable to.
Specifically, relevant to the request msg that have recorded RefererURL access is not that the possibility of intentional access is high.But all access that the not talkative request msg to have recorded RefererURL is relevant are all do not have intentional access, even if having recorded RefererURL, it is also likely intentional access.Therefore, consider from the elapsed time to the access of RefererURL, although be the access that have recorded RefererURL, also determine whether intentional access.
That is, when short from the elapsed time to the access of RefererURL, be that the possibility of the daily record that browser is automatically asked is high.On the other hand, about from the access after have passed through certain hour to the access of RefererURL, the possibility that can be described as the intentional access of user (clicking link destination etc.) is high.Therefore, by considering from the elapsed time to the access of RefererURL, intentional access can suitably be determined whether.
Like this, determine whether intentional access, for the daily record not having intentional access, do not carry out notifying/showing, thus the time that supervisory person search is mixed in the useful daily record in a large amount of daily records can be reduced.Its result, can carry out effective log management.
And then, in the present embodiment, judging to ask " whether being GET pattern " in step S807, when not being GET pattern, being set as display object daily record.This is because, for the situation not being GET pattern (such as POST etc.), no matter with or without RefererURL, from the elapsed time to the access of RefererURL, be that the situation of intentional access is many.By the judgement process in this step S807, can show supervisory useful daily record.
In addition, the object of the invention is to make not show supervisory otiose access log.Therefore, the process in step S807 is not to reach object of the present invention and necessary process, reaches object of the present invention even if omit yet.
Next, use Figure 10 and Figure 11, illustrate the access log shown in client computer PC102 by the process shown in the process flow diagram of Fig. 8.
Picture shown in Figure 10 is the picture shown in client computer PC102 in the step S803 of Fig. 8.That is, in the access log recorded in display access log sheet (Fig. 5), rules results is forbidden and meets in all access logs of step S801 through the moment condition of search condition setting screen setting as shown in Figure 9.
In the picture shown in Figure 10, the daily record ID:1 in display access log sheet, 2,4,5,6, the access log of 8.
Picture shown in Figure 11 is the picture shown in client computer PC102 in the step S811 of Fig. 8.
Below, use the process flow diagram of access log table (Fig. 5) and Fig. 8, describe the access log shown in Figure 11 in detail.In addition, as moment condition, suppose condition shown in Fig. 9 (during being " 28, on October of (gold) ~ 2010 on October 1 (wood) in 2010 ", " when 00 00 point ~ 24 time 00 point ").
About the access log of " the daily record ID:1 " shown in access log table, be " rules results: forbid ", " moment condition: meet ", " HTTP pattern: GET ", " RefererURL: nothing ".Therefore, be judged as "No" in step S808 in fig. 8, in step S811, be set as display object.
About the access log of " daily record ID:2 ", be " rules results: forbid ", " moment condition: meet ", " HTTP pattern: GET ", " RefererURL: nothing ", so be set as display object in the same manner as the access log of daily record ID:1.
About the access log of " daily record ID:3 ", be " rules results: license ", so be judged as "No" in the step S805 of Fig. 8, get rid of from display object.
About the access log of " daily record ID:4 ", it is " rules results: forbid ", " moment condition: meet ", " HTTP pattern: GET ", " RefererURL: have ", " mistiming to the access of RefererURL: automatically get rid of within the parsing time ", so be judged as "No" in the step S810 of Fig. 8, get rid of from display object.
In addition, the access log relevant to the access to RefererURL is the daily record of " daily record ID:3 ", and the mistiming from this access is 0 second.Therefore, the access within eliminating automatically parsing time (10 seconds) is judged as YES.
About the access log of " daily record ID:5 ", get rid of from display object in the same manner as the access log of daily record ID:4.
In addition, the access log relevant to the access to RefererURL is the daily record of " daily record ID:3 ", and the mistiming from this access is 2 seconds.Therefore, the access within eliminating automatically parsing time (10 seconds) is judged as YES.
About the access log of " daily record ID:6 ", it is " rules results: forbid ", " moment condition: meet ", " HTTP pattern: GET ", " RefererURL: have ", " mistiming to the access of RefererURL: the eliminating parsing time is through later automatically ", so be judged as "Yes" in step S810, in step S811, be set to display object.
In addition, the access log relevant to the access to RefererURL is the daily record of " daily record ID:3 ", and the mistiming from this access is 20 seconds.Therefore, the access that have passed through and automatically get rid of after the parsing time (10 seconds) is judged as YES.
About the access log of " daily record ID:7 ", be " rules results: license ", so be judged as "No" in the step S805 of Fig. 8, get rid of from display object.
About the access log of " daily record ID:8 ", be " rules results: forbid ", " moment condition: meet ", " HTTP pattern: POST ", so be judged as "No" in the step S807 of Fig. 8, in step S811, be set to display object.
Figure 12 is the block diagram of the functional structure of the proxy server 101 illustrated in the present invention.
Acquisition unit 1201 obtains the data acquisition sent WEB server from client computer PC102 and requires (request msg).
Judge whether comprise with reference to origin url in the request msg obtained in acquisition unit 1201 with reference to source judging unit 1202.
Notification unit 1203 is that the access log notified informs to supervisory person by being determined by the 1st determination section 1205, the 2nd determination section 1208.
Mistiming calculating part 1204 calculates moment that request msg that acquisition unit 1201 obtains sends from client computer PC102, and the reference origin url comprised this request msg be have sent to mistiming in the moment of request msg.
1st determination section 1205, according to the mistiming calculated by mistiming calculating part 1204, determines whether notify access log to supervisory person.
Mistiming setting receiving portion 1206 receives and becomes the setting determining the mistiming of the benchmark whether notifying access log for the 1st determination section 1205.
Relay and control portion 1207 determines that the request msg sent from client computer PC102 could relaying.
2nd determination section 1208 could relaying by what determined by relay and control portion 1207, determines whether the access log relevant to this request msg to inform to supervisory person.
The request msg sent from client computer PC102 is stored as daily record by storage part 1209.
Search condition receiving portion 1210 waits from supervisory person the setting accepting the condition being used for the daily record data stored retrieve stored portion 1209.
In the daily record data that extraction unit 1211 stores from storage part 1209, extract the daily record data consistent with the search condition accepted by search condition receiving portion 1210 out.
< the 2nd embodiment >
Next, the 2nd embodiment of the present invention is described.
In the 1st embodiment, when automatically to get rid of resolve be ON, consider from the elapsed time to the access of RefererURL, judge whether display access daily record.
In contrast, the 2nd embodiment does not consider the elapsed time to the access of RefererURL, and by whether comprising RefereURL in request msg, judge whether the embodiment of display access daily record.
Namely, in condition setting screen (Fig. 9) in the 1st embodiment, automatically the setting of parsing time can be got rid of, but in the condition setting screen (not shown) in the 2nd embodiment, become the picture (become to be merely able to set and whether carry out automatically getting rid of the picture of resolving) that cannot carry out this setting.
Figure 13 illustrates in the 2nd embodiment of the present invention, proxy server 101 by the access log recorded in access log table, the process flow diagram of accessing the process of forbidden journal displaying in client computer PC102.That is, be the process flow diagram of Fig. 8 in replacement the 1st embodiment.
In addition, about Figure 13 process flow diagram shown in process, be that the CPU201 of proxy server 101 reads the control program of regulation and the process that performs.
About the process shown in step S1301 ~ step S1307, be the process identical with the process shown in the step S801 in Fig. 8 ~ S807.Therefore, explanation is herein omitted.
In step S1308, the CPU201 of proxy server 101 judges whether record RefererURL in the access log read in step S1304.
When being judged as recording RefererURL (step S1308: "Yes"), process is made to transfer to step S1310.
When being judged as not recording RefererURL (step S1308: "No"), process is made to transfer to step S1309.
In step S1309, the CPU201 of proxy server 101, in order to be shown in client computer PC102 by the access log read in step S1304, is sent to client computer PC102.
In step S1310, the CPU201 of proxy server 101 judges that whether the access log that reads in step S1304 is the last access log in the access log recorded in access log table.
Access log (step S1310: "Yes") last if the judgment is Yes, then the process shown in process ends figure.
If be judged as it not being last access log (step S1310: "No"), then make process transfer to step S1304, ensuing access log is read in 1 row.
As mentioned above, in the process in the 2nd embodiment, do not perform the step S809 in the 1st embodiment and the process shown in step S810.Thus, no matter from the elapsed time to the access of RefererURL, the access log of RefererURL can will be there is not as display object in request msg.
Picture shown in Figure 14 is the picture shown in client computer PC102 by the process of the step S1311 of the Figure 13 in the 2nd embodiment.
Daily record ID:1 in display access log sheet (Fig. 5), 2, the access log of 8.
That is, display meets in the daily record of set moment condition, " access forbidden daily record and do not record the daily record of RefererURL " and " access forbidden daily record and be not the daily record of GET pattern ".
By above process, only the daily record that user's (reviewer) intentionally have accessed can be informed to supervisory person.Its result, can carry out the log management be applicable to.
Specifically, can say that the access relevant to the request msg recording RefererURL is not the intentional access of user (clickthrough destination etc.), but the possibility that browser automatically obtains data is high.
Like this, by with or without RefererURL, determine whether intentional access, for the daily record not having intentional access, do not carry out notifying/showing, thus the time that supervisory person search is mixed in the useful daily record in a large amount of daily records can be reduced.Thereby, it is possible to carry out efficient log management.
And then, in the present embodiment, judging to ask " whether being GET pattern " in step S1307, when not being GET pattern, being set to display object daily record.This is because, for the situation not being GET pattern (such as POST etc.), no matter with or without RefererURL, be that the situation of intentional access is more.By the judgement process in this step S1307, can show supervisory useful daily record.
In addition, the object of the invention is to not show supervisory otiose access log, so the process in step S1307 is not to reach object of the present invention and necessary process, also reaching object of the present invention even if omit.
< the 3rd embodiment >
Next, the 3rd embodiment of the present invention is described.
3rd embodiment is by whether comprising RefererURL in request msg, judges whether to leave the access log relevant to this request.
In the 1st and the 2nd embodiment, leave the access log (with reference to Fig. 3) relevant to all requests, considering when showing this daily record with or without RefererURL, having judged whether show (with reference to Fig. 8, Figure 13) from the elapsed time to the access of RefererURL.
In the 3rd embodiment, the structure by determining whether staying access log with or without RefererURL is described.
Figure 15 illustrates in the 3rd embodiment of the present invention, and proxy server 101 receives the request msg sent from client computer PC102, records the process flow diagram of the process of the access log relevant to this request.That is, be the figure of process flow diagram of Fig. 3 in replacement the 1st and the 2nd embodiment.
In addition, about Figure 15 process flow diagram shown in process, be that the CPU201 of proxy server 101 reads the control program of regulation and the process that performs.
In step S1501, the CPU201 of proxy server 101 obtains the HTTP request data sent from client computer PC102, obtains the URL becoming access destination from this request msg.
In step S1502, the CPU201 of proxy server 101 judges whether the access destination URL obtained in step S1501 is present in access rule table (Fig. 4).That is, for this access destination URL, judge to be suitable for which access rule.
When being judged to be present in access rule table (step S1502: "Yes"), process is made to transfer to step S1504.
On the other hand, when being judged as not being present in access rule table (step S1502: "No"), process is made to transfer to step S1503.
In step S1503, the CPU201 of proxy server 101, for the access rule being judged to be suitable in step S1502, judges its action whether as disable access (disapproving data relay).
When being judged to be permits access in step S1503 (step S1503: license), process is made to transfer to step S1504.
On the other hand, when being judged to be disable access in step S1503 (step S1503: forbid), process is made to transfer to step S1506.
In step S1504, the CPU201 of proxy server 101 conducts interviews to the WEB server 105 that the access destination URL obtained in step S1501 represents.
In step S1505, the CPU201 of proxy server 101 obtains response data from WEB server 105, and this response data is sent to the client computer PC102 as request source.
Then, the process shown in process ends figure.
In step S1506, the CPU201 of proxy server 101 judges whether the pattern of the HTTP request data obtained in step S1501 is GET pattern.
When being judged as YES GET pattern (step S1506: "Yes"), process is made to transfer to step S1507.
When being judged as not being GET pattern (step S1506: "No"), process is made to transfer to step S1508.
In step S1507, the CPU201 of proxy server 101 judges whether record RefererURL in the request msg obtained in step S1501.
When being judged as recording RefererURL (step S1507: "Yes"), process is made to transfer to step S1509.
When being judged as not recording RefererURL (step S1507: "No"), process is made to transfer to step S1508.
In step S1508, the CPU201 of proxy server 101 by the outcome record of the forbidden meaning of the access for URL of asking from client computer PC in access log sheet (Figure 18).
Now, in access log table, the not only result (rules results) of the forbidden meaning of record access, but also record from client computer PC102 have sent HTTP request data moment (access moment), identify the information (IP address etc.) (Client IP address), access destination URL etc. that have sent the client computer PC of HTTP request data.
In step S1509, the CPU201 of proxy server 101 sends the http response data of the result representing the forbidden meaning of access to the client computer PC102 as request source.
Then, the process shown in process ends figure.
In addition, in the present embodiment, be configured to for the access of URL not having to set in access rule table, permits access, but also can be configured to process by default be set as that access is forbidden, and process according to its setting.
By above process, can the daily record that intentionally have accessed of a recording user (reviewer).Thereby, it is possible to carry out the log management be applicable to.
Specifically, the access relevant to the request msg recording RefererURL is not the intentional access of user (clickthrough destination etc.), and can be described as browser, automatically to obtain the possibility of data high.
Like this, by with or without RefererURL, determine whether intentional access, for the daily record not being intentional access, do not stay as record, thus the time that supervisory person search is mixed in the useful daily record in a large amount of daily records can be reduced.Thereby, it is possible to carry out efficient log management.
And then, in the present embodiment, judging to ask " whether being GET pattern " in step S1506, when not being GET pattern, leaving daily record as record.This is because, for not being GET pattern (such as POST etc.), no matter with or without RefererURL, be that the situation of intentional access is more.By the judgement process in this step S1506, can record supervisory useful daily record.
In addition, the object of the invention is to, for supervisory otiose access log, non-registration (not staying as record), so the process in step S1506 is not to reach object of the present invention and necessary process, also object of the present invention can be reached even if omit.
In addition, by adopting the structure of daily record and the unwanted daily record judged when record access daily record supervisory needs, thus judgement when not needing show log.Like this, by not recording unwanted daily record, the resource (storage area etc.) of proxy server etc. can be effectively utilized.
Figure 22 illustrates in the 3rd embodiment of the present invention, and proxy server 101 is in order to display access daily record and send the process flow diagram of process of access log to client computer PC102 in client computer PC102.
In addition, for Figure 22 process flow diagram shown in process, be that the CPU201 of proxy server 101 reads the control program of regulation and the process that performs.
In step S2201, the CPU201 of proxy server 101 accepts the interview from user the setting of search condition of daily record.In addition, for the setting of search condition, accept via the search condition setting screen (Figure 23) shown in client computer PC102.
Herein, the search condition setting screen of an example shown in Figure 23 is described.
In the picture shown in Figure 23, as the condition of retrieval access log, the setting of the moment condition (period, time range) in the moment that can conduct interviews.
In the example shown in Figure 23, show during the access moment of recording in access log table is " 28, on October of (gold) ~ 2010 on October 1 (wood) in 2010 ", the example of the daily record of retrieval " when 00 00 point ~ 24 time 00 point " (all day).
In step S2202, the CPU201 of proxy server 101 extracts the access log consistent with the search condition accepted among step S2201 out from access log table.
In step S2203, the CPU201 of proxy server 101 is sent to client computer PC102 in order to the access log extracted out in step S2202 is shown in client computer PC102.
If client computer PC102 receives the access log sent by above process, then in client computer PC102, the picture (shown picture is identical with the 2nd embodiment) of an example shown in display Figure 14.
< the 4th embodiment >
Next, the 4th embodiment of the present invention is described.
In the 4th embodiment, by whether comprising RefererURL and from the elapsed time to the access of RefererURL, judge whether to leave the access log relevant to this request in request msg.
Namely, in the 3rd embodiment, for the access log relevant to the request msg comprising RefererURL, all do not leave record (not storing daily record), but in the 4th embodiment, for the access log relevant to the request msg comprising RefererURL, also by from the elapsed time to the access of this RefererURL, determine whether storing daily record.
Figure 16 illustrates in the 4th embodiment of the present invention, and proxy server 101 receives the request msg sent from client computer PC102, records the process flow diagram of the process of the access log relevant to this request.
In addition, about Figure 16 process flow diagram shown in process, be that the CPU201 of proxy server 101 reads the control program of regulation and the process that performs.
In addition, about the process of step S1601 ~ S1606, be the process identical with the step S1501 ~ S1506 of the Figure 15 in the 3rd embodiment, so omit explanation herein.
In step S1607, the CPU201 of proxy server 101 judges whether record RefererURL in the request msg obtained in step S1601.
When being judged as recording RefererURL (step S1607: "Yes"), process is made to transfer to step S1608.
When being judged as not recording RefererURL (step S1607: "No"), process is made to transfer to step S1609.
In step S1608, the CPU201 of proxy server 101 judge the request msg obtained in step S1601 delivery time, with the difference in the access moment to RefererURL judged in step S1607 whether more than the threshold value shown in Figure 20.That is, determine whether from have passed through to the access of RefererURL exceed threshold value time after access.In addition, via the setting screen shown in Figure 21, wait the threshold value shown in setting Figure 20 by supervisory person.
When being judged as, from when have passed through the time exceeding threshold value to the access moment of RefererURL (step S1608: "Yes"), making process transfer to step S1609.
When being judged as not exceeding threshold value from the elapsed time to the access moment of RefererURL (step S1608: "No"), process is made to transfer to step S1610.
In step S1609, the CPU201 of proxy server 101 by the outcome record of the forbidden meaning of the access for URL that sends from client computer PC in access log sheet (Figure 19).
Now, in access log table, the not only result (rules results) of the forbidden meaning of record access, but also record from client computer PC102 have sent HTTP request data moment (access moment), identify the information (IP address etc.) (Client IP address), access destination URL etc. that have sent the client computer PC of HTTP request data.
In addition, when the HTTP request data sent from client computer PC102 comprise " RefererURL (with reference to origin url) ", also this RefererURL is recorded in the lump.
In step S1610, the CPU201 of proxy server 101 sends the http response data of the result representing the forbidden meaning of access to the client computer PC102 as request source.
Then, the process shown in process ends figure.
By above process, can the daily record that intentionally have accessed of a recording user (reviewer).Thereby, it is possible to carry out the log management be applicable to.
Specifically, the access relevant to the request msg recording RefererURL is not the intentional access of user, but the possibility that browser is automatically accessed is high.But all access that the not talkative request msg to recording RefererURL is relevant are intentional access, even if record RefererURL, are also likely intentional access.Therefore, consider from the elapsed time to the access of RefererURL, even record the access of RefererURL, also determine whether intentional access.
That is, when short from the elapsed time to the access of RefererURL, be that the possibility of the daily record that browser is automatically asked is high.On the other hand, about from the access after have passed through certain hour to the access of RefererURL, the possibility that can be described as the intentional access of user (clicking link destination etc.) is high.Therefore, by considering from the elapsed time to the access of RefererURL, intentional access can compatibly be determined whether.
Like this, determine whether intentional access, for the daily record not being intentional access, do not stay as record, thus the time that supervisory person search is mixed in the useful daily record in a large amount of daily records can be reduced.Its result, can carry out efficient log management.
And then, in the present embodiment, judging to ask " whether being GET pattern " in step S1606, when not being GET pattern, being set as display object daily record.This is because, for not being GET pattern (such as POST etc.), no matter with or without RefererURL, from the elapsed time to the access of RefererURL, be that the situation of intentional access is more.By the judgement process in this step S1606, can show supervisory useful daily record.
In addition, the object of the invention is to, do not show supervisory otiose access log, so the process in step S1606 is not to reach object of the present invention and necessary process, also can reach object of the present invention even if omit.
In addition, by adopting the structure of daily record and the unwanted daily record judged when record access daily record supervisory needs, thus judgement when not needing show log.Like this, by not recording unwanted daily record, the resource (storage area etc.) of proxy server etc. can be effectively utilized.
In the 4th embodiment, about proxy server 101 in order to display access daily record in client computer PC102, and send the process of access log to client computer PC102, as shown in the process flow diagram of Figure 22 (being the process identical with the 3rd embodiment).
In the 4th embodiment, about the picture shown in client computer PC102 when receiving the access log sent by the process of Figure 22 at client computer PC102, it is the picture (being the picture identical with the 1st embodiment) shown in Figure 11.
Herein, with reference to Figure 17, the structure of HTTP request data is described.As shown in figure 17, in the request line 1701,1702 of HTTP data, set model (in the example of Figure 17 for GET pattern), become the URL information (request URL) of sending destination, the version information of HTTP.
In the 1st ~ 4th embodiment of the present invention, the URL information of setting in this request line 1701,1702 is contrasted as access destination URL with relay and control rule.
In addition, in Referer1703, setting becomes the URL information (RefererURL (with reference to origin url)) of the transmission source of these HTTP data.In the 1st ~ 4th embodiment of the present invention, judge, in HTTP data, whether to record this Referer1703.
In addition, structure and the content thereof of above-mentioned various data are not limited thereto, can certainly according to purposes, object, by various structure, Composition of contents.
As mentioned above, by have recorded the recording medium of the program of the function realizing above-mentioned embodiment to system or unit feeding, and the program stored in the computing machine of this system or device (or CPU, MPU) read-out recording medium is performed, certainly also can reach object of the present invention.
In this case, the program itself read from recording medium realizes new function of the present invention, and the recording medium that have recorded this program forms the present invention.
As the recording medium for supplying program, such as, floppy disk, hard disk, CD, photomagneto disk, CD-ROM, CD-R, DVD-ROM, tape, non-volatile storage card, ROM, EEPROM, silicone disc etc. can be used.
In addition, by performing the program that computing machine reads, the function of above-mentioned embodiment can not only be realized, and certainly also comprise following situation: according to the instruction of this program, the OS (operating system) etc. run on computers carries out part or all of actual process, and is realized the situation of the function of above-mentioned embodiment by this process.
And then, certainly following situation is also comprised: after the program read from recording medium being written in the storer possessed in insertion expansion board in a computer, the function expansion component that is connected with computing machine, according to the instruction of this program code, make the CPU etc. possessed in this expansion board, function expansion component carry out part or all of actual process, realized the situation of the function of above-mentioned embodiment by this process.
In addition, the present invention can either be applicable to the system be made up of multiple equipment, also can be applicable to the device be made up of an equipment.In addition, the present invention can also be applicable to the situation by reaching system or unit feeding program certainly.In this case, by reading in this system or device by the recording medium stored for reaching program of the present invention, this system or device can enjoy effect of the present invention.
And then be used for reaching program of the present invention by being downloaded from the server on network, database by signal procedure and read, this system or device can enjoy effect of the present invention.In addition, structure the respective embodiments described above and variation combination thereof obtained all is contained in the present invention.

Claims (18)

1. a signal conditioning package, is characterized in that, possesses:
Acquiring unit, obtains the data acquisition requirement sent WEB server from end device;
Relay control unit, according to for judge the data acquisition obtained by described acquiring unit require could relaying relay and control rule, control the relaying of described data acquisition requirement;
With reference to source judging unit, judge in the data acquisition obtained by described acquiring unit requires, whether comprise the reference origin url of this data acquisition requirement; And
Notification unit, is judged as not comprising the data acquisition requirement with reference to origin url with reference to source judging unit about by described, to the record of the relay and control of being undertaken by described relay control unit that supervisory person's notice requires for this data acquisition.
2. signal conditioning package according to claim 1, is characterized in that, also possesses:
Time difference calculating unit, when by described with reference to source judging unit be judged as the data acquisition obtained by described acquiring unit require to comprise represent the information with reference to source that this data acquisition requires, calculate have sent this data acquisition requirement moment, with the mistiming that have sent the moment that data acquisition requires with reference to source that this data acquisition is required; And
1st determining means, according to the mistiming calculated by described time difference calculating unit, determines that the record of the relay and control whether required by the described data acquisition obtained for described acquiring unit notifies,
Described notification unit determines to inform to supervisory person for the record carrying out the relay and control notified by by described 1st determining means.
3. signal conditioning package according to claim 2, is characterized in that,
Described 1st determining means, when the mistiming calculated by described time difference calculating unit has exceeded official hour difference, determines that the record of the relay and control for being required by the described data acquisition obtained for described acquiring unit notifies.
4. signal conditioning package according to claim 3, is characterized in that,
Also possess mistiming setting receiving unit, this mistiming setting receiving unit accepts the setting of described official hour difference,
Described 1st determining means when the mistiming calculated by described time difference calculating unit exceeded by described time set receiving unit receive the mistiming of setting, determine that the record of the relay and control for being required by the described data acquisition obtained for described acquiring unit notifies.
5. signal conditioning package according to claim 4, is characterized in that, also possesses:
2nd determining means, the 2nd determining means could relaying according to what determined by described relay control unit, determines that the record of the relay and control whether required by the data acquisition obtained for described acquiring unit notifies,
The record of the relay and control required for described data acquisition that described 2nd determining means determines as carrying out notifying by described notification unit further informs to supervisory person.
6. signal conditioning package according to claim 5, is characterized in that,
Also possesses storage unit, the record of the relay and control that this cell stores is undertaken by described relay control unit, the record of this relay and control comprise have sent from described end device moment that data acquisition requires and represent this data acquisition require data acquisition require the information of destination.
7. signal conditioning package according to claim 6, is characterized in that,
Described storage unit does not store the record not carried out the relay and control notified by described notification unit.
8. signal conditioning package according to claim 7, is characterized in that, also possesses:
Search condition receiving unit, accepts search condition; And
Extract unit out, extract the record of the described relay and control consistent with the search condition accepted by described search condition receiving unit from described storage unit out,
Described notification unit is to the record of the relay and control that supervisory person's notice is extracted out by described extraction unit.
9. signal conditioning package according to claim 8, is characterized in that,
The search condition accepted by described search condition receiving unit comprises moment condition.
10. an information processing method, is characterized in that, possesses:
Obtain operation, the acquiring unit of signal conditioning package obtains the data acquisition requirement sent WEB server from end device;
Relay and control operation, the relay control unit of described signal conditioning package, according to could the relay and control rule of relaying for judging that the data acquisition obtained by described acquisition operation is required, controls the relaying of described data acquisition requirement;
Judge operation with reference to source, the reference source judging unit of described signal conditioning package judges, in the data acquisition obtained by described acquisition operation is required, whether to comprise the reference origin url of this data acquisition requirement; And
Notice operation, with reference to source, the notification unit of described signal conditioning package judges that operation is judged as not comprising the data acquisition requirement with reference to origin url about by described, notify the record of the relay and control of being undertaken by described relay and control operation required for this data acquisition to supervisory person.
11. information processing methods according to claim 10, is characterized in that also possessing:
Mistiming calculation process, the time difference calculating unit of described signal conditioning package when by described with reference to source judge operation be judged as the data acquisition obtained in described acquisition operation require to comprise represent the information with reference to source that this data acquisition requires, calculate have sent this data acquisition requirement moment, have sent the mistiming in the moment that data acquisition requires with the reference source required this data acquisition; And
1st determines operation, and the 1st determining means of described signal conditioning package, according to the mistiming calculated by described mistiming calculation process, determines whether notified by the record of the relay and control required for the described data acquisition obtained by described acquisition operation,
In described notice operation, determine that operation determines to inform to supervisory person for the record carrying out the relay and control notified by by the described 1st.
12. information processing methods according to claim 11, is characterized in that,
Determine in operation the described 1st, when the mistiming calculated by described mistiming calculation process has exceeded official hour difference, determine as the record of the relay and control required for the described data acquisition obtained by described acquisition operation is notified.
13. information processing methods according to claim 12, is characterized in that,
Also possess mistiming setting and accept operation, in this mistiming, setting accepts in operation, and the mistiming setting receiving unit of described signal conditioning package accepts the setting of described official hour difference,
Determine in operation the described 1st, when the mistiming calculated by described mistiming calculation process exceeded by the setting of described time accept operation receive the mistiming of setting, determine as the record of the relay and control required for the described data acquisition obtained by described acquisition operation is notified.
14. information processing methods according to claim 13, is characterized in that also possessing:
2nd determines operation, and the 2nd determining means of described signal conditioning package could relaying according to what determined by described relay and control operation, determines whether notified by the record of the relay and control for the data acquisition requirement by described acquisition operation acquisition,
In described notice operation, further the record of the relay and control required for described data acquisition determining to determine in operation for carrying out notifying the described 2nd is informed to supervisory person.
15. information processing methods according to claim 14, is characterized in that,
Possesses storage operation further, in this storage operation, the record of the relay and control that the cell stores of described signal conditioning package is undertaken by described relay and control operation, the record of this relay and control comprise have sent from described end device moment that data acquisition requires and represent this data acquisition require data acquisition require the information of destination.
16. information processing methods according to claim 15, is characterized in that,
In described storage operation, do not store the record not carried out the relay and control notified by described notice operation.
17. information processing methods according to claim 16, is characterized in that also possessing:
Search condition accepts operation, and the search condition receiving unit of described signal conditioning package accepts search condition; And
Extract operation out, the extraction unit of described signal conditioning package extracts the record of the described relay and control consistent with the search condition accepting to accept operation in described search condition out from described storage unit,
In described notice operation, supervisory person is notified to the record of the relay and control of extracting out in described extraction operation.
18. information processing methods according to claim 17, is characterized in that,
The search condition being accepted operation acceptance by described search condition comprises moment condition.
CN201110393360.9A 2010-12-24 2011-12-01 Information processing device and information processing method Active CN102567466B (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
JP2010288723 2010-12-24
JP2010-288723 2010-12-24
JP2011-216742 2011-09-30
JP2011216742A JP5234683B2 (en) 2010-12-24 2011-09-30 Information processing apparatus, information processing method, and program

Publications (2)

Publication Number Publication Date
CN102567466A CN102567466A (en) 2012-07-11
CN102567466B true CN102567466B (en) 2015-03-18

Family

ID=46412876

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110393360.9A Active CN102567466B (en) 2010-12-24 2011-12-01 Information processing device and information processing method

Country Status (1)

Country Link
CN (1) CN102567466B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1732701A (en) * 2002-12-30 2006-02-08 摩托罗拉公司 Apparatus for restricted browser access within a wireless communication device and method therefor
CN101047576A (en) * 2007-04-13 2007-10-03 华为技术有限公司 Contents control method and system
CN101896931A (en) * 2007-12-11 2010-11-24 微软公司 Webpage domain monitoring

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4839278B2 (en) * 2007-01-26 2011-12-21 ヤフー株式会社 Processing omission determination program and apparatus based on URL similarity analysis
JP2008234332A (en) * 2007-03-20 2008-10-02 Fujitsu Ltd Filtering device, filtering method and filtering program for web site browsing, storage medium storing the filtering program, and filtering system for web site browsing

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1732701A (en) * 2002-12-30 2006-02-08 摩托罗拉公司 Apparatus for restricted browser access within a wireless communication device and method therefor
CN101047576A (en) * 2007-04-13 2007-10-03 华为技术有限公司 Contents control method and system
CN101896931A (en) * 2007-12-11 2010-11-24 微软公司 Webpage domain monitoring

Also Published As

Publication number Publication date
CN102567466A (en) 2012-07-11

Similar Documents

Publication Publication Date Title
CN102395992B (en) Method and system utilizing user-state-monitoring objects and relevant data to monitor and provide customer service online
CN103109288A (en) Instant messaging robot to provide product information
JP2003058395A (en) Log collecting/analyzing system, log collecting method, log collecting program for making computer perform, log analyzing method, log analyzing program for making computer perform, log collecting device, log analyzing device, log collecting terminal and log server
JP4897376B2 (en) Information processing apparatus, information processing system, information processing method, information processing program, and recording medium
CN110674140A (en) Block chain-based content processing method, device, equipment and storage medium
Jain et al. Hybrid cloud computing investment strategies
CN101978665B (en) Selective filtering of network traffic requests
CN111539775A (en) Application program management method and device
JP2015135557A (en) Privilege information processing system, privilege information processing method, and privilege information processing program
US9197447B2 (en) Information processing apparatus, method of controlling information processing apparatus, program for control method, and recording medium for program
US20060074948A1 (en) Management server, system, method and program
CN101836213A (en) Protection against unauthorized copying of digital media content
CN102567466B (en) Information processing device and information processing method
JP6020676B2 (en) Information processing apparatus, information processing method, and program
JP2006197356A (en) Information providing method and device, information providing program, and storage medium stored with information providing program
US20140149192A1 (en) Verification of online advertisement security
US20030065797A1 (en) Information processing apparatus, information processing method, and program
CN102968425B (en) Signal conditioning package and control method thereof
Jääskeläinen et al. How do media-owned national news agencies survive in the digital age? Business diversification in Austria Presse Agentur, Press Association and Tidningarnas Telegrambyrå
KR102081553B1 (en) Big Data-Based Monitoring System of Promotional Content for Cultural Media
US20100198859A1 (en) System and method for avoiding duplication of effort in drafting documents
Bourcier et al. Cloud computting: New research perspectives for computers and law
Dimova et al. From Privacy Policies to Privacy Threats: A Case Study in Policy-Based Threat Modeling
US20230334486A1 (en) Information processing apparatus, asset management apparatus, information processing method, asset management method, and recording medium
Trappler Is there such a thing as free software? The pros and cons of open-source software

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C53 Correction of patent for invention or patent application
CB02 Change of applicant information

Address after: Tokyo, Japan

Applicant after: Canon IT Solution Co., Ltd.

Address before: Tokyo, Japan

Applicant before: Canon IT solution Co., Ltd.

COR Change of bibliographic data

Free format text: CORRECT: APPLICANT; FROM: CANON IT SOLUTION CO., LTD. TO: CANON IT SOLUTION CO., LTD.

C14 Grant of patent or utility model
GR01 Patent grant