JP2002123440A - Method and device for controlling access - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a stable response. SOLUTION: The execution of access is detected by an access detecting means 31 and information for determining whether connection conditions are satisfied or not is acquired or set by an information acquiring/setting means 32. Then, in a decision means 34, the connection conditions preset to a connection conditioning means 33 are compared with the acquired or set information and the decision means 34 determines whether the connection conditions are satisfied or not. The decision result is sent to a connection control means 35 and a connection or no connection is performed corresponding to the decision result.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to an access control method and apparatus for connecting a client computer and a server computer via a network.

[0002]

2. Description of the Related Art A client / server system is called L
AN (Local Area Network), WAN (Wide Area Net)
work) or a network such as the Internet. The LAN is a system that connects client computers and server computers distributed in a relatively small area such as in the same building or on the same site to realize various services. Personal computer LA based on client / server system
N is composed of a client computer, a server computer, a network OS, a LAN adapter, a LAN cable, etc., and shares resources such as a hard disk and a printer; uses various groupware such as e-mail and scheduling; shares a database; It can be used for intranets.

[0003] Further, a WAN is a network having a wider area than a LAN constructed by connecting LANs using a communication line, and has an advantage that there is no restriction on the transmission distance as compared with a LAN. However, since a communication line provided by a communication carrier is used, the transmission speed is relatively slow depending on the line. As a communication line, ISDN (Integrated Services Digital Network
k), ATM (Asynchronous Transfer Mode), frame relay and dedicated lines. The Internet is a collection of computer networks that span almost the entire world, and can be said to be a network connecting WANs. There is no central government or specific organization that manages the Internet in a unified manner, and it is run by many voluntary organizations that operate and operate from various angles, including technology and resources. The Internet was initially started for military purposes, but soon became diverted for academic use and is now open to businesses.

[0004] In such a computer network, services available on the network tend to be diversified as technology advances. Typical examples are e-mail, net news, file transfer (FT
P), remote login, and the like. Services such as a system for reproducing moving images and audio data in real time, a video conference system, and a game are also becoming widespread. In addition, e-commerce via the Internet (Elec
tronic Commerce (E-commerce) and Internet games are in full swing.

[0005]

[0005] In such a client / server system, in a client / server system such as the Internet that assumes a wide area and an unspecified number of users, network traffic may be difficult to predict. In many cases, it has become difficult for users to secure a stable response. For this reason, there has been a problem that a great inconvenience may be given to the user of the network system. In order to obtain a stable communication response, it is conceivable to limit the number of users or improve the speed of the communication line. However, for the business and services realized by the client / server system, it is necessary to increase the number of users of the system. In addition, it has been difficult to improve the communication speed indefinitely due to economic and physical problems.

SUMMARY OF THE INVENTION It is therefore an object of the present invention to provide an access control method and apparatus capable of obtaining a stable response without limiting the number of users or improving the speed of a communication line.

[0007]

In order to solve the above problems, a first access control method according to the present invention provides an access control in a client / server system for connecting a client computer and a server computer via a network. A method, comprising: a detecting step of detecting an access from a client computer to a server computer; a time obtaining step of obtaining time information when the access is detected in the detecting step; A determining step of determining whether or not the acquired time information corresponds to a time zone set as a connection condition; and, in accordance with a determination result in the determining step, the client computer sends a request to the server computer. A connection control step that controls the connection And a flop.

A second access control method according to the present invention that can achieve the above object is an access control method in a client / server system that connects a client computer and a server computer via a network. A detecting step of detecting access from the client computer to the server computer, and in the detecting step, obtaining an address information or a server name information of the server computer when the access is detected; A determining step of determining whether the address information or server name information obtained in the obtaining step corresponds to address information or server name information set as connection conditions; and a determination result in the determining step. In response, and a connection control step of controlling a connection to the server computer of the client computer.

Further, a third access control method of the present invention that can achieve the above object is an access control method in a client / server system that connects a client computer and a server computer via a network. A detecting step of detecting an access from the client computer to the server computer; a threshold setting step of setting a random threshold every time the access is detected in the detecting step; A determining step of determining whether the threshold value exceeds a reference threshold set as a connection condition; and
Controlling the connection of the computer to the server computer.

Further, a fourth access control method of the present invention capable of achieving the above object is an access control method in a client / server system for connecting a client computer and a server computer via a network. A detecting step of detecting an access from the client computer to the server computer, a time obtaining step of obtaining time information when the access is detected in the detecting step, and a time obtaining step of obtaining the time information. A judgment step of judging whether or not the numerical value of the time information corresponds to a specific numerical value set as a connection condition; and, in accordance with the judgment result in the judging step, the client computer sends a message to the server computer. Connections that control connections And a control step.

Next, an access control apparatus according to the present invention capable of achieving the above object embodies the above first to fourth access control methods of the present invention as hardware. is there.

According to the present invention, when the access from the client computer to the network is started, if the connection is determined to be non-connection by the internally set connection conditions, the access processing is stopped and the connection is not performed. I have to. As a result, without limiting the number of users or improving the speed of communication lines,
It is possible to suppress the generation of unnecessary traffic and manage a stable response situation. In addition, the user of the client computer can be provided with a regular or irregular connection condition with respect to the connectivity, thereby allowing the user to experience intentional game characteristics.

[0013]

DESCRIPTION OF THE PREFERRED EMBODIMENTS An access control method and an access control device according to an embodiment of the present invention will be described below. FIG. 1 shows a configuration of a client / server system including an access control device that executes an access control method according to the present invention. In FIG. 1, a network 1 is a LAN, WAN or Internet network. This network 1, client computers 2, client computers 3,..., Client computers 4, client computers 5, and server computers 6,. Thus, a client / server system is constructed.

Here, for example, when the client computer 2 accesses the server computer 6, the client computer 2 sets the server name of the server computer 6 and is configured by one of the server computers 6 to 7. DNS (Domain
A search request is sent to the Name System) server, and the DNS server sends the IP (Inte
rnet Protocol) address. client·
The computer 2 can access the server computer 6 by using the returned IP address. Then, the client computer 2 accesses the server computer 6 and transmits a request for the requested processing. The server computer 6 processes this request and returns the result to the client computer 2 as a response.
The client computer 2 receives the reply and displays the data on the display.

The configurations of the client computers 2 to 5 are the same, and the configuration of the client computer 2 is shown in FIG. 2 as an example. In FIG. 2, reference numeral 10 denotes a central processing unit (Central Processing Unit: CPU) that controls the operation of the client computer 2. Reference numeral 11 denotes a timer that indicates the current time or generates a timer interrupt at a specific interval. A ROM 12 stores programs executed by the CPU 10, various data, and the like.
(Read Only Memory). Reference numeral 13 denotes a RAM in which a storage area for data and the like and a work area of the CPU 10 are set.
(Random Access Memory). Reference numeral 14 denotes a communication interface for connecting to a LAN 1 such as Ethernet (registered trademark) or the network 1 such as the Internet, and an access control device according to the present invention for executing the access control method of the present invention. is there.

Reference numeral 15 denotes a detection circuit which detects operation information when the keyboard 21 and the mouse 22 are operated and sends the operation information to the bus 18. The keyboard 21 is a personal computer keyboard on which a number of keys are arranged, and the mouse 22 is a pointer device for operating a pointer displayed on the screen of the display 23. Reference numeral 16 denotes a display circuit that sends display data to the display 23 so as to perform a predetermined display on the display 23. The display 23 is a display on which various windows are displayed. Reference numeral 17 denotes an external storage device capable of storing various application programs and various data, such as an HDD (Hard Disk Drive),
FDD (Floppy Disk Drive), CD (Compact Disk)
-It can be constituted by a ROM drive, an MO (Magneto Optical Disk) drive, a DVD (Digital Versatile Disk) drive, or the like. A bus 18 transfers information between blocks.

Although the access control device 14 according to the present invention is hardware, it can also be provided as an access control program executed by the CPU 10. In this case, the access control device 14 may be replaced with a communication interface, and the access control program may be installed in the external storage device 17. The hardware configuration of the client computers 2 to 5 is the same as that of a personal computer or a workstation. As mentioned above, the client
Any one of the computers 2 to 5 is the access control device 14
To access any of the server computers 6 to 7 to obtain a response to a desired request. The access control device 14 of the present invention is characterized in that when one of the client computers 2 to 5 accesses any of the server computers 6 to 7, the access is controlled based on a predetermined condition. are doing.

FIG. 3 is a functional block diagram of the access control device 14 of the present invention. The function of the access control device 14 will be described below. In the access control device 14 of the present invention, the server computers 6 to 7 and the LAN, W
In the client computers 2 to 5 connected via a network 1 such as an AN or the Internet, the network 1 from the client computers 2 to 5
At the start of access to, if it is determined that the connection is not established due to the internally set connection conditions, the access processing is stopped (not executed) to prevent connection. It should be noted that the users of the client computers 2 to 5 cannot change the connection conditions. This makes it possible to suppress the occurrence of unnecessary traffic and manage a stable response situation for the entire network 1. In addition, the user of the client computers 2 to 5 can be provided with a regular or irregular connection condition with respect to the connectivity, thereby allowing the user to experience intentional game characteristics.

Referring to the functional block diagram shown in FIG. 3, when access from any of the client computers 2 to 5 to the server computers 6 to 7 is started, the access detecting means 31 indicates that the access has been made. Is detected. Next, information for determining whether or not the connection condition is satisfied is obtained or set by the information obtaining / setting unit 32. As will be described later, the information to be obtained and set is current time information, address information of a server computer to be connected, or server name information. Further, the information to be acquired and set may be a random threshold. Then, the judgment unit 34 compares the connection condition preset in the connection condition unit 33 with the acquired or set information, and judges whether or not the connection condition is satisfied. . The judgment result is sent to the connection control means 35, and the connection is made or disconnected according to the judgment result.

The connection condition set in advance in the connection condition means 33 is a connection condition for optimally maintaining the traffic of the entire network 1. The connection conditions under which the access processing from the client computers 2 to 5 to the server computers 6 and 7 are not performed are roughly classified into two types, fixed conditions and dynamic conditions, as shown in FIG. . Furthermore, the fixed condition can define a condition relating to a time zone and a condition of an address or a server name of a connection destination server computer. As the dynamic condition, a condition of a threshold based on random probability and a condition of the current time can be defined. One or more of these conditions are set in the connection condition means 33, and all the conditions set in the connection condition means 33 are determined when an access is detected, and all of the conditions are determined to be non-connection. If not, the access processing is executed. Hereinafter, these conditions will be described in detail.

A. Fixed Condition The fixed condition is a condition set and acquired in advance by the connection condition means 33 in the client computers 2 to 5, and it is determined whether or not the access processing to the server computers 6 to 7 is definitely performed. Is determined. The fixed conditions are exemplified below. 1. Time zone of system time recognized by client computers 2 to 5 Under these fixed conditions, client computers 2 to 5
5 that the current time information acquired by the information acquisition / setting means 32 matches the specific time zone previously acquired and set by the connection condition means 33.
When it is determined that the connection is not made, the connection control means 35 does not perform the access processing and the connection is not established. That is, judgment conditions and judgment information are as follows. Judgment condition: Judgment of coincidence with a specific time zone previously set / acquired by connection condition means 33 Judgment information: Time information held or acquired by information acquisition / setting means 32 in client computers 2 to 5 This fixed condition In the example of setting, the specific time zone previously set in the connection condition means 33 is set to 22:00 to 06: 0.
When the current time information acquired by the information acquisition / setting means 32 is determined to be within the time zone of 22:00 to 06:00, the connection control means 35 No connection is made without performing access processing. During the connection, the current time is 22:00 to 06: 0
When the determination unit 34 determines that the time period up to 0 has been reached, the connection control unit 35 may interrupt the connection.

2. The addresses or server names of the server computers 6 to 7 to be connected to which the client computers 2 to 5 recognize.
5 and the address or server name of the connection destination server computer 6-7 recognized and acquired by the information acquisition / setting means 32 and the connection condition means 33 in advance
If the determination unit 34 determines that the address or the server name of the specific server computer matches, the connection control unit 35 executes an access process to connect, and otherwise does not perform the access process. No connection. That is, judgment conditions and judgment information are as follows. Judgment condition: Consistency with server name (address) previously set / acquired by connection condition means 33 Judgment information: Server information previously set / acquired by connection condition means 33 An example of setting this fixed condition will be given. And a specific server
The computer is the server computer 6 and its address or server name is set in the connection condition means 33 in advance. The address or server name of the connection destination server computer recognized / acquired by the information acquisition / setting means 32 at the time of access is determined as the address or server name of the server computer 6 set in the connection condition means 33 by the determination means 34. If it is determined that they match, the connection control unit 35 performs an access process and connects. If they do not match, the access processing is not performed and the connection is not established.

B. Dynamic Condition The dynamic condition is a condition set and acquired in advance by the connection condition means 33 in the client computers 2 to 5, and it is determined indefinitely that the access processing to the server computers 6 to 7 has not been executed. Is done. The following is an example of the dynamic conditions. 1. Judgment based on random probability in the client computers 2 to 5 In this dynamic condition, the reference threshold value previously set and acquired by the connection condition means 33 is changed to the server computer 6
When it is determined by the determination unit 34 that the threshold value corresponding to the random function called by the information acquisition / setting unit 32 does not exceed (exceeds) each time an access to each of the connections to 7 occurs, the connection control unit 35 performs access. Not connected without processing. That is, the connection condition is determined with a dynamically changing random probability, and the determination condition and the determination information are as follows.

Judgment condition: Up / down judgment between a reference threshold value previously set / acquired by the connection condition means 33 and a threshold value corresponding to a random function called each time an access occurs Judgment information: Information acquisition / setting means 32 Threshold according to the obtained random function (for example, 0.01 to 9.99)
Is not exceeded (exceeded) by comparing with the reference threshold,
Does not perform access processing. Here, the random function is a function value of a random number generating function provided as a standard in the client computers 2 to 5. If the setting example of this fixed condition is raised, for example, the reference threshold value 0.2
If 0 is set, the server computers 6 to
When an access to connect to the C.7 occurs, the information acquisition / setting means 32 calls a random function to acquire a function value. When this function value is set as a threshold value and the reference threshold value is larger than the reference threshold value of 0.20 by the determination means 34, it is determined that the reference threshold value has been exceeded, and the connection control means 35 performs an access process to connect. If the function value is less than 0.20, it is determined that the function value does not exceed the reference threshold, and the connection is not performed without performing the access process.

2. Current time of the system time recognized by the client computers 2 to 5 In this dynamic condition, the client computers 2 to 5
If the determination unit 34 determines that the numerical value of the current time information acquired by the information acquisition / setting unit 32 does not satisfy the time condition previously acquired and set by the connection condition unit 33, the connection control unit At 35, no access processing is performed and the connection is not established. In other words, connection conditions will be determined with a dynamically changing random probability,
The judgment conditions and judgment information are as follows. Judgment condition: Determines whether the time condition previously set / acquired by the connection condition means 33 satisfies the current time of the client computers 2 to 5 Judgment information: The system time acquired by the information acquisition / setting means 32 Current value When the setting example of the dynamic condition is raised, for example, the connection condition means 33 is set in advance as a time condition that the number of seconds is an even number and a multiple of 3, and the information acquisition of the client computers 2 to 5 is performed. If the number of seconds of the current time acquired by the / setting means 32 is determined by the determination means 34 to be neither an even number nor a multiple of 3, the connection control means 35 does not perform access processing and disconnects.

Next, the access control device 1 of the present invention in which one or more of the above-mentioned conditions is set in the connection condition means 33 in advance.
4 can also be provided as software. When this software is executed by the CPU 10 shown in FIG. 2, the access control method according to the present invention is performed. Therefore, a specific embodiment to which the access control method of the present invention is applied will be described below. 1. Example of setting connection conditions in member-only client software of merchandise purchasing Web site The above-mentioned access control method function is incorporated into the dedicated client software for Web sites that provide various services on the Internet, and users (members) Distribute to At this time, if the user has a level, the connection conditions are set for each level and distributed. For example, in a member-based product purchase site, members are classified according to the purchase amount performance of the user, and connection conditions are different according to the rank (for ranks with a large purchase amount, the connection is set to be more easily connected). Distribute software. Thus, it is possible to suppress an excessive connection request to the server computer and to stabilize network traffic. At the same time, it is possible to provide members with fair connection conditions according to the performance as a service.

2. Example of setting connection conditions in dedicated client software for network-type game websites Dedicated client software (mascot character) distributed to participating members when using network-type game software using the Internet
Set this function to. At this time, different connection conditions are set according to the level in the member's game or the dedicated software (character) to be used. This allows
Excessive connection requests to the server computer can be suppressed, and network traffic can be stabilized. At the same time, it is possible to provide appropriate connection conditions according to the participant's grade as game rules.

3. Example of setting connection conditions in dedicated client software on distance learning website In education service using the Internet, it is possible to restrict the use of the teaching materials of the website by the time zone by using the time zone as the connection condition . Accordingly, schedule learning can be performed by prohibiting use at midnight, or by specifying a time zone for each user location or subject. Of course, no connection request to the server computer is made outside of the time zone, so that the effect of suppressing network traffic is also realized.

In the access control method and the access control device according to the present invention, any one of the above fixed conditions or any one of the dynamic conditions can be set as the connection condition. If a fixed condition is set, it is determined whether or not to make a deterministic connection based on the connection condition.If a dynamic condition is set, it is determined whether or not to make an uncertain connection based on the connection condition. become. That is, when a dynamic condition is set, whether or not to make a connection is determined with a dynamically changing random probability. Therefore, it is preferable to set the fixed condition and the dynamic condition according to the mode to be applied. Further, the access control method according to the present invention can be provided as software for causing a computer to execute, and the software can be incorporated in a network board or a network card.

Note that the client computer described above incorporates the above-described access control method program, a personal computer equipped with an access control device, and a PDA (Personal Digital A
ssistant). Further, the mobile phone may be a mobile phone in which the program of the above-described access control method is incorporated.

[0031]

Since the present invention is configured as described above, when the access from the client computer to the network is started, if it is determined that the connection is not established by the internally set connection conditions, the access processing is performed. Abort and try not to connect. As a result, it is possible to suppress the occurrence of unnecessary traffic on the entire network and manage a stable response state without limiting the number of users or improving the speed of the communication line. In addition, the user of the client computer can be provided with a regular or irregular connection condition with respect to the connectivity, thereby allowing the user to experience intentional game characteristics.

[Brief description of the drawings]

FIG. 1 is a diagram showing a schematic configuration of a client / server system to which an access control method and an access control device according to an embodiment of the present invention can be applied.

FIG. 2 is a diagram illustrating a configuration of a client computer to which an access control method and an access control device according to an embodiment of the present invention can be applied.

FIG. 3 is a diagram showing a configuration of a functional block diagram of an access control device according to the embodiment of the present invention.

FIG. 4 is a diagram showing connection conditions set in the access control method and the access control device according to the embodiment of the present invention.

[Explanation of symbols]

1 network, 2 client computers,
3 client computers, 4 client computers
Computer, 5 client computer, 6
Server computer, 7 server computer, 10 CPU, 11 timer, 12 ROM, 13
RAM, 14 access control device, 15 detection circuit, 1
6 display circuit, 17 external storage device, 18 bus, 21
Keyboard, 22 mouse, 23 display, 3
1 access detection means, 32 information acquisition / setting means, 3
3 connection condition means, 34 determination means, 35 connection control means

Claims (8)

[Claims] An access control method in a client / server system for connecting a client computer and a server computer via a network, comprising: a detecting step of detecting an access from the client computer to the server computer; In the detecting step, a time obtaining step of obtaining time information when the access is detected, and determining whether the time information obtained in the time obtaining step corresponds to a time zone set as a connection condition. An access control method, comprising: a determination step of determining; and a connection control step of controlling connection of the client computer to the server computer according to a determination result in the determination step. 2. An access control method in a client / server system for connecting a client computer and a server computer via a network, comprising: a detecting step of detecting an access from the client computer to the server computer; In the detecting step, an acquiring step of acquiring address information or server name information of the server computer when the access is detected, and the address information or server name information acquired in the acquiring step is set as a connection condition. Determining whether the address information corresponds to the address information or the server name information, and the server computer of the client computer according to the determination result in the determining step. Access control method characterized by and a connection control step of controlling a connection to. 3. An access control method in a client / server system for connecting a client computer and a server computer via a network, comprising: a detecting step of detecting an access from the client computer to the server computer; In the detecting step, every time the access is detected, a threshold setting step of setting a random threshold, and whether or not the threshold set in the threshold setting step exceeds a reference threshold set as a connection condition And a connection control step of controlling connection of the client computer to the server computer according to a result of the determination in the determination step. 4. An access control method in a client / server system for connecting a client computer and a server computer via a network, comprising: a detecting step of detecting an access from the client computer to the server computer; In the detecting step, a time obtaining step for obtaining time information when the access is detected, and whether a numerical value of the time information obtained in the time obtaining step corresponds to a specific numerical value set as a connection condition An access control method, comprising: a determination step of determining whether or not the client computer is connected, and a connection control step of controlling connection of the client computer to the server computer according to a determination result in the determination step. 5. An access control device in a client / server system for connecting a client computer and a server computer via a network, comprising: detecting means for detecting access from the client computer to the server computer; Detecting means for obtaining time information when the access is detected; and determining whether the time information obtained by the time obtaining means corresponds to a time period set as a connection condition. An access control device, comprising: a determination unit for determining; and a connection control unit for controlling connection of the client computer to the server computer in accordance with a result of the determination by the determination unit. 6. An access control device in a client / server system for connecting a client computer and a server computer via a network, comprising: a detecting means for detecting an access from the client computer to the server computer; Acquiring means for acquiring address information or server name information of the server computer when the access is detected by the detecting means; and setting the address information or server name information acquired by the acquiring means as connection conditions. Determining means for determining whether the address information corresponds to the address information or the server name information, and a connection controlling the connection of the client computer to the server computer in accordance with the determination result of the determining means. Access control device, characterized in that it comprises a control means. 7. An access control device in a client / server system for connecting a client computer and a server computer via a network, comprising: detecting means for detecting access from the client computer to the server computer; In the detecting means, every time the access is detected,
Threshold setting means for setting a random threshold; determining means for determining whether the threshold set by the threshold setting means exceeds a reference threshold set as a connection condition; and a determination result by the determining means Connection control means for controlling connection of the client computer to the server computer according to the following. 8. An access control device in a client / server system for connecting a client computer and a server computer via a network, comprising: detecting means for detecting access from the client computer to the server computer; In the detecting means, a time obtaining means for obtaining time information when the access is detected, and a numerical value of the time information obtained in the time obtaining means,
Judgment means for judging whether a specific numerical value set as a connection condition is satisfied, and connection control for controlling connection of the client computer to the server computer in accordance with a judgment result by the judgment means And an access control device.