JP2003030031A - Method for acquiring information in network system and network system for acquiring information - Google Patents

Abstract

PROBLEM TO BE SOLVED: To prevent unauthorized access to information on a network system. SOLUTION: A file having a URL of the information which can be acquired by a client and a keyword associated with it and corresponding data in which the URL is associated with the keyword are stored in a storage device of a server. The client displays homepage data including an anchor having a file name of the file on its display device, and when the anchor included in the homepage data is selected, transmits the file name which the anchor has to the server. The server transmits the file corresponding to the file name transmitted from the client to the client. The client transmits the keyword, which the file transmitted from the server has, to the server. The server acquires the information based on the URL corresponding to the keyword transmitted from the client and transmits it to the client.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method for acquiring information existing on a network system, a network system for executing the method, a server of the network system, a client of the network system,
And a program executed by the server and the client.

The present invention also provides an authentication method performed when acquiring information existing on a network system, a network system that executes the authentication method, a server of the network system, a client of the network system, and the server. And a program executed by the client.

Furthermore, the present invention is a browser device, method, and method for preventing copying / printing of information on a network system.
And about the program.

[0004]

2. Description of the Related Art Due to the spread of the Internet, a terminal computer (client) used by a user uses a browser (WWW browser) to acquire various information on a WWW server connected to the Internet, Information is available for reference. In addition, an intranet is built inside the company or university, and terminal computers installed in the company or university use a browser to use an internal server connected to the intranet,
It is possible to access various information on the school server, etc., and acquire and refer to this information.

For example, by displaying a home page on a display device of a terminal computer using a browser and clicking an anchor on the home page, information can be easily obtained based on the URL (Uniform Resource Locator) of the anchor. ， Can be referenced.

On the other hand, there is a lot of information to be acquired / referenced that is desired to be prohibited from being copied or printed on the terminal computer. For example, get only to a specific person /
Information that can be referred to, information related to copyright, paid information, and the like. In particular, in an intranet built in-house, there is a lot of information related to trade secrets that you want to prohibit copying and printing on terminal computers.

There are also cases where it is desired to prevent unauthorized access to the information by persons who are not authorized to access the information.

Furthermore, there are cases where it is desired to prevent the URL indicating the storage location of information from being known.

[0009]

However, in the conventional browser, the information displayed on the display device can be easily copied and printed by the terminal computer. For example, the user selects what they want to copy or print,
Clicking the right mouse button displays a pull-down menu from which you can select processing such as “copy (or copy)” and “print”.

When the user selects "copy", the selected object is copied (copied) to the clipboard.
If you select "Paste" in the pull-down menu later, other data (word processing data, drawing data, etc.) will be displayed.
The selected object in is copied. When "print" is selected, the selected object is printed on the printing paper by the printer.

Further, in the conventional browser, since no limitation is imposed on the users, any information can be acquired / referenced by clicking any anchor on the home page. .

Further, in the conventional browser, the URL indicating the position (storage location) of the information on the network is
For example, it is displayed in the message bar at the bottom of the browser display screen. Further, the URL can be easily understood by directly checking the homepage data described in HTML, for example. Therefore, the information can be easily accessed based on the URL.

The present invention has been made in view of such a background, and an object thereof is to prevent unauthorized access to information on a network system.

Another object of the present invention is to prevent the user from seeing the address indicating the location of information on the network system.

Still another object of the present invention is to make it possible to prohibit copying and printing of information acquired and referenced from a network system.

[0016]

In order to achieve the above object, the information acquisition method according to the first aspect of the present invention is designed so that the client acquires information existing on a network system having a server and a client. In the method, the server stores a file having a keyword associated with an address indicating a position on the network system of information obtainable by the client, and the client stores a file of the file. The home page data including the anchor having the name is displayed on the display unit included in the client, and when the anchor included in the home page data is selected by the user, the file name included in the anchor is transmitted to the server. , The server sends the message sent from the client The file corresponding to the file name is transmitted to the client, the client transmits the keyword included in the file transmitted from the server to the server, and the server corresponds to the keyword transmitted from the client. The information is acquired based on the address, the information is transmitted to the client, and the client receives the information.

The information acquisition method performed by the server according to the first aspect of the present invention is characterized by the method performed by the server in the information acquisition method, and the program executed by the server uses the information acquisition method performed by the server as the server. It is intended to be executed by. The information acquisition method performed by the client according to the first aspect of the present invention is characterized by the method performed by the client in the information acquisition method, and the program executed by the client causes the client to execute the information acquisition method performed by this client. It is for. These programs may be recorded in a recording medium and provided.

Further, the network system according to the first aspect of the present invention is a network system having a server and a client, wherein the server is associated with an address indicating a position on the network system of information obtainable by the client. Corresponding to storage means for storing a file having the specified keyword, file name receiving means for receiving the file name held by the anchor transmitted from the client, and the file name received by the file name receiving means File transmitting means for transmitting a file to the client,
Keyword receiving means for receiving the keyword contained in the file transmitted from the client,
Information transmitting means for acquiring the information based on the address corresponding to the keyword received by the keyword receiving means, and transmitting the information to the client, wherein the client specifies the file name of the file. Homepage data display means for displaying homepage data including the anchor that the user has, and a file for transmitting the file name of the selected anchor to the server when the anchor included in the homepage data is selected by the user. Name transmitting means, file receiving means for receiving a file corresponding to the file name transmitted from the server, and keyword transmitting means for transmitting the keyword contained in the file received by the file receiving means to the server And associated with the above keywords Characterized in that it comprises an information receiving means for receiving the resulting information.

The server according to the first aspect of the present invention has the characteristics of the server in the network system according to the first aspect, and the client according to the first aspect of the present invention is the server in the network system according to the first aspect. Has client characteristics.

According to the first aspect of the present invention, since the address of the anchor is the file name of the keyword file, the address of the anchor is hidden. In addition, a person who attempts unauthorized access cannot easily know the URL. As a result, it is possible to prevent unauthorized access to information based on the URL.

The authentication method according to the second aspect of the present invention is an authentication method performed when the client acquires information existing on a network system having a server and a client, and the server is authenticated. Correspondence data in which an address indicating the position of the necessary information on the network system and a password used to authenticate the information are stored is stored, and the client stores the information specified by the address and the address. When homepage data including an anchor having authentication-required data indicating that authentication is required for acquisition of is displayed on the display means of the client, and the anchor included in the homepage data is selected by the user. The address and the authentication-required data possessed by the anchor to the server. In response, the server receives the address and the authentication required data transmitted from the client, the client requests the user to input a password, waits for the password input from the user, and is input. The password is transmitted to the server, the server receives the password transmitted from the client, and receives the received password and the password corresponding to the received address referenced from the corresponding data. When the two passwords are compared with each other, the information specified by the address is acquired and transmitted to the client, and the client receives the information.

The authentication method performed by the server according to the second aspect of the present invention is characterized by the method performed by the server in the above authentication method, and the program executed by the server causes the server to execute the authentication method performed by this server. It is for. The authentication method performed by the client according to the second aspect of the present invention is characterized by the method performed by the client in the authentication method, and the program executed by the client is
This is for causing the client to execute the authentication method performed by this client. These programs may be recorded in a recording medium and provided.

The network system according to the second aspect of the present invention is a network system having a server and a client, wherein the server uses an address indicating a position on the network system of information requiring authentication and authentication of the information. Storage means for storing corresponding data corresponding to the password, and authentication required data displayed on the client and indicating that the address and the information specified by the address require authentication. In home page data including anchors, an address / authentication required data receiving means for receiving the address and the authentication required data possessed by the anchor specified by the user from the client, and input from the user of the client, and from the client Password sent A password receiving means for receiving the password, a comparing means for comparing the password received by the password receiving means with a password corresponding to the received address referred to by the corresponding data, and comparison by the comparing means. As a result, when both passwords match, the information acquisition means for acquiring the information specified by the address and transmitting it to the client, the client displaying the homepage data, the homepage display means. And, when the anchor included in the homepage data is selected by the user, an address / authentication data transmission means for transmitting the address and the authentication data required by the anchor to the server, and a password input request Input request method and the password from the user Input means for inputting the password, password transmitting means for transmitting the password input by the input means to the server, and information receiving means for receiving the information transmitted by the information transmitting means of the server. Characterize.

The server according to the second aspect of the present invention has the characteristics of the server in the network system according to the second aspect, and the client according to the second aspect of the present invention is the server in the network system according to the second aspect. Has client characteristics.

According to the second aspect of the present invention, since the anchor authenticates when accessing the information on the network system, the information is provided only to a specific person who knows the password. As a result, information leakage and unauthorized access can be prevented.

An anchor information encoding method according to the third aspect of the present invention is present in a network system having a server and a client, and when the server provides information including an anchor to the client, An anchor information encoding method performed by the server, wherein when an address indicating a position on the network system of information including the anchor is received from the client, the information is acquired based on the address, and the acquired information is acquired. A temporary storage location for storing information is created in the server, the acquired information is stored in the created storage location, and an address included in the anchor included in the information is defined as the address. Is converted into a different code, and corresponding data is generated by associating the address with the code after the conversion. Said information including an anchor which is intended to be transmitted to the client.

A program according to the third aspect of the present invention is
The anchor information encoding method is executed by a server.

The server according to the third aspect of the present invention is an address which exists on a network system having a server and a client, and which receives from the client an address indicating a position on the network system of information including an anchor. A receiving means, an information acquiring means for acquiring the information specified by the address based on the address received by the address receiving means, and a temporary storage means for storing the information acquired by the information acquiring means Generating a storage location in the server, storing the acquired information, converting means for converting an address included in the anchor included in the information into a code different from the address, and the address A corresponding data generating means for generating corresponding data corresponding to the converted code; And a, and information transmitting means for transmitting the information to the client that contains the anchor with.

According to the third aspect of the present invention, since the anchor information is encoded and provided to the client, the anchor information is hidden in the client.

A program according to the fourth aspect of the present invention is
A program executed by a client for controlling a browser for displaying information on a network system to which the client is connected, the browser being provided to the client by a user through an input means of the client. Procedure for receiving an instruction including copying or printing of information, and if the instruction is copying or printing of the information, the instruction is deleted and not given to the browser, or the browser does not execute It is a program for executing the procedure of converting the message into a message without it and giving it to the browser.

This program may be a part of the operating system or a program different from the operating system, and is a program for receiving a command from the operating system and giving the received command to the browser. May be.

The browser device according to the fourth aspect of the present invention is a browser device for displaying information on a network system, and comprises a receiving means for receiving the information from the network system and a receiving means. Display means for displaying the received information, input means for inputting a user instruction including copying or printing of the information, execution means for executing the user instruction input by the input means, and the input means When the user's instruction input by means of is to copy or print the information, the instruction is erased, or the execution unit converts it into an instruction without any execution and gives it to the execution unit. And a conversion means.

According to the fourth aspect of the present invention, the copy or print command input through the input means is not given to the browser. Therefore, it is possible to prevent copying and printing of the information displayed by the browser.

[0034]

BEST MODE FOR CARRYING OUT THE INVENTION 1. System Configuration FIG. 1 is a block diagram showing the overall configuration of a network system according to an embodiment of the present invention. This network system consists of a client 1, an in-house server (WWW
Server) 2 and WWW server 3.

In this embodiment, the client 1 is provided in a certain company and is composed of a computer used by an employee (user) of this company. Therefore, the client 1 includes a main body device having a CPU (or a microcomputer), a storage device (semiconductor memory, hard disk, etc.), and a display device (CRT display, liquid crystal display, plasma) for displaying visual information (characters, images, etc.). Display, etc.), an input device (keyboard, mouse, etc.) for inputting data from the outside, and a communication device for communicating via a communication line.

The client 1 is connected to an intranet (LAN) 4 built in this company via its communication device. In FIG. 1, only one client 1 is shown, but a plurality of clients 1 respectively used by a plurality of employees are provided, and an intranet 4 is provided.
May be connected to.

The in-house server 2 is a server installed in this company in this embodiment, and is composed of a computer. Therefore, like the client 1, the in-house server 2 also has a main body device, a display device, an input device,
And a communication device.

The in-house server 2 is connected to the intranet 4 on the one hand and to the internet 5 on the other hand via the communication device. The in-house server 2 functions as an in-house server when viewed from the Intranet 4 side, while it is one of the WWW servers when viewed from the Internet 5 side.
Configured to function as one.

The in-house server 2 has an in-house document sent from the client 1 via the intranet 4, an in-house home page for the client 1, and an external home page for the client (not shown) connected to the Internet 5 (for example, the company concerned). It stores information such as the homepage for introducing (). The in-house document contains information that corresponds to a trade secret and is prohibited from being leaked, acquired, or referenced by anyone outside the company.

Although only one in-house server 2 is shown in FIG. 1, a plurality of in-house servers 2 may be provided and connected to the intranet 4 and the Internet 5.

The WWW server 3 is a server connected to the Internet 5.

Below, in this network system, the anchor URL (Uniform Resource) of the home page is
Locator) is hidden, and the process of acquiring and displaying the contents (information) of the anchor that has the hidden URL, the process of preventing copying and printing, the authentication process when acquiring / referring to the contents, and the anchor on the home page have The URL encoding process and the like will be described.

Here, the "content" includes a home page (for example, home page data described in HTML), document information, still image information, moving image information, music information, and a multimedia in which two or more of these are combined. It includes information, etc., and also includes files that store these. The “home page” includes a top screen that is first transmitted to the client and displayed when the site is accessed, and other screens that can be moved from the top screen.

2. URL concealment / acquisition process of anchor content having a concealed URL The storage device of the client 1 stores programs of two browsers, a first browser and a second browser. These programs may be recorded and provided in a recording medium such as a CD-ROM, MO, or floppy disk.

The first browser is a browser capable of copying and printing the contents of a screen (for example, a home page) displayed on the display device of the client 1, like a general WWW browser. User (employee) is client 1
When accessing the in-house server 2 from, the first browser is usually started first.

The second browser receives or opens the file transmitted from the in-house server 2 by clicking a specific anchor on the home page displayed on the display device of the client 1 by the first browser. It is a browser that is started. The second browser is configured to prevent copying and printing of the content displayed on the display device of the client 1 and not displaying the URL of the displayed home page and the URL of the anchor on the home page. There is.

FIG. 2 shows acquisition and reference (display) of contents using these first browser and second browser.
It is a sequence diagram which shows the flow of a process.

In the client 1, when the user activates the first browser, the in-house home page stored in the in-house server 2 is transmitted to the client 1 and displayed on its display device (step S1). FIG. 3 shows an example of this in-house home page.

On this in-house home page, one or more normal anchors (hereinafter referred to as "normal anchors") and one or more specific anchors (hereinafter "specific anchors").
Say. ) Is included. In the present embodiment, the normal anchor and the specific anchor are not particularly distinguished in the display form of the display screen. For example, anchors 11 and 12 are used.
Is a specific anchor, and anchors 21 and 22 are normal anchors.

Usually, the anchor is an anchor used for content that does not need to hide the position (storage location) of the content on the network system, and has an URL defined on the Internet, for example. Therefore, anchors usually have absolute links (eg “http: // domain name / file name”) or relative links (eg “file name”).

The specific anchor is a content (for example, confidential information) whose storage location is required to be hidden.
Anchor used for, and has a file name that accompanies startup of the second browser. In the present embodiment, this file name is the name of a file (keyword file described later) stored in the storage device of the in-house server 2. Therefore, the specific anchor can also be regarded as an anchor having a URL represented by a relative link.

In the present embodiment, this file name is the file name “xxx.” Having a special extension (“kbw” (or “KBW” in the present embodiment)) that is set in advance.
kbw ”(or“ xxx.KBW ”). The first browser (or the operating system (OS) running the first browser) receives a file having this extension from the in-house server 2, or The second browser is configured to be started by opening (opening).

Although not shown in FIG. 2, when the user normally clicks on the anchor, the client 1
Uses the URL of the normal anchor to the intranet 4
To the in-house server 2 via.

If the URL transmitted from the client 1 specifies the content in its own server (that is, if it is a relative link), the in-house server 2 uses the content stored in its own storage device. Read and send to client 1. On the other hand, in-house server 2
When the URL specifies the content on the external WWW server 3 (that is, when it is an absolute link), the URL is transmitted to the external WWW server 3 and is transmitted from the WWW server 3. Transfer the content to the client 1.

The client 1 displays the transmitted contents on its display device.

Referring to FIG. 2, when the user clicks on the specific anchor, the client 1 sets the file name “xxx.kbw” of the specific anchor to the intranet 4
Is transmitted to the in-house server 2 via (step S2).

The storage device of the in-house server 2 is shown in FIG.
As shown in, a keyword file having the extension “kbw” of the specific anchor in the file name is stored in advance. Keywords are stored in each keyword file. This keyword is a keyword that is not directly related to the URL that specifies the storage location of the content (for example, an integer value starting from 1, a random numerical value, etc.)
Is used.

Returning to FIG. 2, since the data transmitted from the client 1 is a file name (that is, a relative link), the in-house server 2 stores the file (keyword file) corresponding to the file name in its own storage device. Read from and send to client 1 (step S
4).

The first browser of client 1 (or O
When the keyword file is received from the in-house server 2, S) opens the file and starts the second browser because the extension is "kbw" (step S4). The second browser may be activated by receiving the keyword file as a trigger.

By opening the keyword file, the keywords in the keyword file can be obtained.
The second browser transmits the obtained keyword to the in-house server 2 (step S5).

The storage device of the in-house server 2 is shown in FIG.
As shown in, a UR that associates a keyword with a URL
The L database is stored. Upon receiving the keyword from the client 1, the in-house server 2 refers to the URL corresponding to this keyword from the URL database (step S6), and acquires / references the content designated by this URL (step S7). When the content specified by the URL exists in the in-house server 2, the content in the storage device of the in-house server 2 is read. If the content specified by the URL exists in the external WWW server 3, the content is read from the WWW server 3 (step S7).
The in-house server 2 transmits the read content to the client 1 (step S7).

The second browser of the client 1 displays the content transmitted from the in-house server 2 on its display device (step S8).

FIG. 5 shows an example of a home page displayed on the display device by the second browser. The second browser is provided with a display column (for example, an address column in Internet Explorer) that displays the URL of the displayed home page and a display column (for example, a message bar in Internet Explorer) that displays the URL of the anchor on the home page. Absent.

When the access record to the servers 2 and 3 by the second browser or the access record to the servers 2 and 3 by the first browser and the second browser is stored in the storage device of the client 1, This access record is deleted (deleted) by the client 1 when the program of the second browser is closed (closed).
(Step S9). For example, “Temporary Internet Files folder” and “Hist
The access record stored in the "ory folder" is deleted.

This erasing process may be performed by the second browser, or a program different from the second browser is started by the second browser when the second browser ends,
It may be performed by this program.

As described above, according to this embodiment, the URL of the specific anchor on the home page is hidden, and the referenceable one is the keyword file name. This prevents a third party from easily knowing the URL indicating the storage location of the content. As a result, unauthorized access to the content based on the URL is prevented.

The final content is accessed via the keyword file name of the specific anchor, the keyword file designated by the keyword file name, the keyword of the keyword file, and the URL corresponding to the keyword. This also prevents the URL from being easily known.

Further, the information communicated between the client 1 and the in-house server 2 does not include the URL. This also prevents the URL from being easily known.

Further, the display screen of the second browser is shown in FIG.
As shown in, the display column for displaying the URL of the displayed page and the display column for displaying the anchor URL on the page are not provided. This also prevents the URL from being known.

Furthermore, since the access record is also erased,
The URL cannot be known from the access record.

Before executing the processing of step S3, the in-house server 2 checks whether the second browser is installed in the client 1, and if it is not installed, the second browser is displayed in the client 1. You can also install.

Whether or not it is installed is determined by the in-house server 2 of the client 1 such as Cookie.
It is performed by referring to the (cookie) file and checking whether or not the history of the second browser installed in the past remains in the cookie file.

If not installed, the in-house server 2 sends the program required for installation to the client 1, and the client 1 executes this program to install the second browser. Further, the in-house server 2 writes the history of installing the second browser in the cookie file. Then, the process of step S3 is executed.

3. Copy and Print Prevention Process In the above-described second browser, the copy and print of the displayed content are prevented by two methods, and the user cannot perform these operations.

First, according to the first method, since the operation screen for instructing copying and printing is not provided on the display screen of the second browser, copying and printing are prevented. Referring again to FIG. 5, the toolbar 31 at the top of the display screen by the second browser has a "Back" button for returning to the previous display screen, and "Forward" for moving to the next display screen.
Only operation buttons such as buttons are provided, and copy buttons and print buttons are not provided. This prevents the user from instructing the second browser (or OS) to copy and print.

Further, according to the second method, the instruction of copying and printing by the input device such as the mouse and the keyboard is prevented. FIG. 6 is a flowchart showing the flow of processing for preventing copying and printing instructions from the input device.

A general browser program is executed on the OS (for example, Windows (registered trademark) 95, Windows98, Windows2000, etc.) mounted on the client. The program of the second browser according to the present embodiment also
Similarly, it is executed on the OS mounted on the client 1.

The contents input by the user of the client 1 by operating the input device such as the mouse and the keyword are the OS first.
Given to. The OS converts the input content given from the input device into a message (messaging) (S11).

Next, the OS clears (erases) the data in the clipboard in which the contents to be copied are temporarily stored (step S12). Next, OS
Determines whether the content of the message converted by the message conversion is a copy or print command (step S13). For example, when the OS is Windows 98, etc., this OS is the message "VM # RBUTTINUP" indicating the right mouse button click operation or the message "VM # KEYDOWN" indicating the print command "Ctrl + P" operation.
nVirtKey: 'P'"is determined (step S1)
3).

If the message is one of these (Y in step S13), the OS converts this message into "Null" which is a message that does not cause the second browser to start any processing (step S14). ), And gives this "Null" as a message to the second browser.

In the second browser, the message "Nul
If it is "l", it does not cause any processing. Therefore, neither copying nor printing operation is executed. This prevents copying and printing. This makes it possible to prevent information such as confidential information from being copied to other data or printed on printing paper and leaking to the outside.

Since the data in the clipboard is also cleared, no data to be copied remains in the clipboard. This also makes it possible to prevent copying.

On the other hand, when the contents of the message are not the above two (N in step S13), the message is given as it is to the second browser without being converted (step S15), and the second browser is the OS. The message given by is executed as is.

The process of step S12 can be performed before or after the process of step S14 when the determination result of step S13 is Y. Also, OS
It is also possible to prevent the message itself from being given to the second browser without converting the copy and print messages to Null. Further, the process of converting a message into Null can be executed by not the OS but another program provided between the OS and the second browser.

In the above-described embodiments, the content displayed on the display device has been mainly described, but the content also includes the sound information output from the audio device such as the speaker as described above. Therefore, copying of this sound information is prevented.

4. Display processing of copyable and printable content in the second browser In the second browser,
As mentioned in the previous section, copying and printing are prevented, but
It is also possible to display content (for example, content that does not correspond to confidential information) permitted to be copied and printed on the second browser, and copy and print the content.

FIG. 7 is a flow chart showing the flow of display processing of copyable and printable contents in the second browser.

Also in the second browser, the displayed content may include an anchor (step S21). When the anchor is clicked by the user, the second browser determines whether the URL possessed by the anchor is a URL for a copyable and printable content (step S22).

This determination is made by comparing the copy / printable URL list stored in advance in the storage device of the client 1 with the URL of the anchor clicked by the user. FIG. 8 shows an example of a copy / printable URL list.

When the URL of the anchor clicked by the user is found in the copy / printable URL list by collation (Y in step S22), the second browser (client 1) determines the URL of the anchor. It is transmitted to the in-house server 2 (step S23).

The in-house server 2 reads the content specified by the URL transmitted from the client 1 from its own storage device or the external WWW server 3 and transmits it to the client 1 (step S24).

When the second browser receives the content transmitted from the in-house server 2, the second browser opens another window and displays the content in this another window (step S25). In this another window, it is set so that the processes of steps S12 to S14 of the OS shown in FIG. 5 described above are not executed. This enables copying and printing of the content displayed in this separate window.

On the other hand, the URL clicked by the user
However, if the URL does not exist in the copy / printable URL list (N in step S22), the content is displayed by the second browser (step S26), and the processing of the flowchart of FIG. Cannot be copied and printed.

5. File authentication process and anchor encoding process When a user accesses content and refers to the content, a process (file authentication process) that authenticates whether the user is qualified to access / reference the content is performed. Users who can execute and access / reference can be restricted.

Also, the URL of the anchor displayed on the home page is converted into another code (encoding or encryption).
However, it is possible to prevent the user from knowing the URL easily.

FIG. 9 is a flow chart showing the flow of such file authentication processing and anchor information encoding processing. In the figure, the process of steps S33 to S37 is the file authentication process, and the process of steps S38 to S40 is the anchor information encoding process.

The browser of the client 1 is activated, and the home page is displayed on the display device of the client 1 (step S31). This browser may be the above-mentioned first browser or the second browser.

The anchors of this home page include two types of anchors. First anchor (normal anchor)
Is an anchor that has only a URL. The second anchor (anchor requiring authentication) is an anchor having a URL and data (hereinafter referred to as “authentication required data”) indicating that authentication for access / reference to content is required.

FIG. 10 shows an example of a home page containing such normal anchors and authentication-required anchors. In the figure, an anchor 41 with a key mark is an anchor requiring authentication, and anchors 42, 4 without a key mark are shown.
The third grade is usually an anchor.

Returning to FIG. 9, when the user clicks the authentication-required anchor, the browser of the client 1 transmits the URL and the authentication-required data possessed by the authentication-required anchor to the in-house server 2 (step S32).

The in-house server 2 judges whether or not the data transmitted from the client 1 includes the data requiring authentication in addition to the URL (step S33). If the authentication required data is included (Y in step S33), the in-house server 2 transmits a password input request to the client 1 (step S34).

When the client 1 receives the password input request, the browser displays the password input request on the display device and waits for the password input from the user (step S35). FIG. 11 shows an example of a display screen displayed when an authentication-required anchor is clicked.
Shows an example of a display screen in which a password input field is displayed. In FIG. 10, when the authentication required anchor 41 is clicked, the display screen shown in FIG. 11 is displayed. When the password input guidance button 44 in the center of the display screen is clicked, as shown in FIG.
A display screen having 5 is displayed.

When the password is entered in the password entry field 45 of FIG. 12 by the user, the browser sends the entered password to the in-house server 2 (step S3).
6).

The storage device of the server 2 stores passwords for authentication provided for the contents (files here) stored in the storage device. Figure 1
3 shows this password in a table format.

The "limited" column is a column showing whether or not the file requires authentication. If a black circle is displayed inside a white circle in this column, it means that the corresponding file requires authentication, and if no black circle is displayed, it means that the corresponding file does not require authentication.

"File name" is the name of the file,
"Content" is a short description of the contents of the file. The file name and contents are given by the file creator or the like.

The "current password" is the password currently valid, and the "current password expiration" is the expiration date of the current password. The "new password" is a password that becomes valid after the expiration of the current password. This current password and new password are given to those who are qualified to access / reference the corresponding file (eg, file (document) creator, author, etc.). As a method of giving, for example, electronic mail or the like can be used.

Returning to FIG. 9, the in-house server 2 stores the password sent from the client 1 in this password database, and sends the U sent in step S32.
It is confirmed whether or not it matches the one corresponding to the RL (here, the file name) (step S37), and if it matches, the anchor information encoding process is executed (step S38).
~ S40). Although not shown, if the passwords do not match, the password input request is sent to the client 1 again.

On the other hand, in step S22, when the normal anchor is clicked by the user and only the URL possessed by the normal anchor is transmitted to the in-house server 2, the in-house server 2 judges that authentication is not necessary (N in step S33), Immediately move to anchor information encoding processing (steps S38 to S4).
0).

Then, the in-house server 2 creates a temporary folder in its own storage device (step S38).
The name of this folder is given a name by which the client 1 (user) can be identified from other clients. For example, a session number (9-digit number) that is set when the client 1 browses the home page using this browser and is retained until the reference to the home page is completed.
Is used to name the folder. This session number is a number that is set each time the client refers to the home page, and is a unique number that is assigned to each client.

Since this folder name may be any name that can identify the client 1 from other clients, the time when the client 1 accessed the home page may be used as the folder name in addition to the session number.

When a plurality of clients 1 are connected to the in-house server 2, this folder is created for each client.

Next, the in-house server 2 copies (stores) the content designated by the URL transmitted from the client 1 in step S32 into the created folder (step S39).

Next, the in-house server 2 checks whether or not an anchor exists in the content copied in the folder, and if there is an anchor, encodes the URL of the anchor (other characters (Converted into a string or the like) (step S40).

Here, whether the content is an anchor depends on whether the content is HTML (Hyper Text Markup Lapse).
nguage), XML (eXtensible Markup Language), or other markup language can be used to determine whether the tag in the content is an anchor tag.

The encoding is a combination of the folder name of this folder, the time (hour / minute or hour / minute / second) at the time of encoding, and the serial number sequentially added to the anchor in the content from 1 at the time of encoding. This is done by using the string For example, if the name of the created folder is a 9-digit session number “095846721”, the time when encoding is 12:08, and the serial number is 7, the URL is “0958467211208007” or , The order of hours, minutes, and serial numbers has been changed. "09584672108007
It is encoded (converted) to a 12 ”character string.

It is also possible to encode only a part of the URL. For example, URL protocol name (for example, http)
It is also possible to encode only the part of the file name excluding the domain name.

At the same time as the encoding, the in-house server 2 creates an encoded database in which the URL before encoding and the character string after encoding are associated with each other and stored in the storage device.

Subsequently, the in-house server 2 transmits the content having the encoded anchor to the client 1 (step S41). The browser of the client 1 displays the content transmitted from the in-house server 2 on the display device (step S42). As a result, even if the URL included in the anchor is displayed in the address field or message bar of the display screen of the browser, what is displayed is an encoded character string, so the user knows the original URL. I can't. That is, the URL that the anchor has
Is hidden.

In the client 1, when the anchor is clicked by the user, the encoded character string of the anchor is transmitted to the in-house server 2. In-house server 2
Uses the encoded database for the received character string,
The content is converted into a URL before encoding, the content is accessed by the URL, and the content is transmitted to the client 1. As a result, the content is displayed on the client 1.

Although not shown in FIG. 9, the generated folder, the contents in the folder, and the encoded database are no longer needed (for example, when the homepage reference is completed and the session is deleted).
Will be erased (deleted). This can prevent the referenced content from being illegally obtained from the in-house server 2 by a third party.

In addition to the URL, all anchors may have authentication necessity data indicating whether authentication is required.

The password input request displayed on the display device of the client 1 can be displayed by the client 1 in response to the click of the anchor requiring authentication without receiving from the in-house server 2.

Further, here, the file authentication process and the anchor encoding process are described as a series of process flows, but both processes can be executed separately. That is,
Only the file authentication process can be executed on the client and server, or the anchor encoding process can be executed on the client and server.

[0125]

According to the present invention, the anchor URL included in information (content) such as a home page can be hidden. Also, according to the present invention, copying and printing of the displayed content is prevented. Furthermore, according to the present invention, the user (acquirer / referencer) of predetermined information can be restricted by performing the authentication process.

[Brief description of drawings]

FIG. 1 is a block diagram showing an overall configuration of a network system according to an embodiment of the present invention.

FIG. 2 is a sequence diagram showing a flow of content acquisition and reference (display) processing using a first browser and a second browser.

FIG. 3 shows an example of an in-house home page displayed on a browser by accessing an in-house server.

FIG. 4A shows a list of keyword files having a specific anchor extension “kbw” in the file name,
(B) shows a URL database that associates keywords with URLs.

FIG. 5 shows an example of a display screen displayed on a display device by a second browser.

FIG. 6 is a flowchart showing the flow of processing for preventing copying and printing instructions from the input device.

FIG. 7 is a flowchart showing a flow of display processing of copyable and printable contents in the second browser.

FIG. 8 shows an example of a copy / printable URL list.

FIG. 9 is a flowchart showing a flow of file authentication processing and anchor encoding processing.

FIG. 10 shows an example of a home page containing a normal anchor and an anchor requiring authentication.

FIG. 11 shows an example of a display screen displayed when an anchor for authentication is clicked.

FIG. 12 shows an example of a display screen in which a password input field is displayed.

FIG. 13 is a table showing passwords used for file authentication.

[Explanation of symbols]

1 client 2 In-house server 3 WWW server 4 Intranet 5 Internet

   ─────────────────────────────────────────────────── ─── Continued front page    (72) Inventor Yoko Imanaka             1-11-10 Tsukiji, Chuo-ku, Tokyo Stock market             Inside the company Dentsu (72) Inventor Makoto Eren             2-25-15 Nihonbashi Ningyocho, Chuo-ku, Tokyo             MS Nihonbashi Building AISINE Co., Ltd.             Inside F-term (reference) 5B017 AA07 BA06 CA16                 5B082 EA11 HA05                 5B085 AE00 AE03 BA07 BG07

Claims (27)

[Claims] 1. A method for a client to obtain information existing on a network system having a server and a client, wherein the server has a position on the network system of information obtainable by the client. A file having a keyword associated with the indicated address is stored, and the client displays the homepage data including the anchor having the file name of the file on the display means included in the client and includes the homepage data. When the anchor selected is selected by the user, the file name of the anchor is transmitted to the server, the server transmits a file corresponding to the file name transmitted from the client to the client, The client is Server transmits the keyword contained in the file to the server, the server acquires the information based on the address corresponding to the keyword transmitted from the client, and acquires the information from the client. An information acquisition method, wherein the client receives the information. 2. The client according to claim 1, wherein programs of a first browser and a second browser are stored in the client, and the client activates the first browser to display on the first browser. An information acquisition method of displaying the homepage data, starting the second browser after receiving the file, and outputting the information transmitted from the server on the second browser. 3. The information processing system according to claim 2, wherein the client does not execute the instruction when the user instructs to copy or print all or part of the information output on the second browser. Acquisition method. 4. In a network system having a server and a client, the server stores a file having a keyword associated with an address indicating a position on the network system of information obtainable by the client. A file name receiving means for receiving the file name of the anchor transmitted from the client, and a file transmitting means for transmitting a file corresponding to the file name received by the file name receiving means to the client A keyword receiving unit for receiving the keyword contained in the file transmitted from the client, and acquiring the information based on the address corresponding to the keyword received by the keyword receiving unit,
Information transmitting means for transmitting the information to the client,
The client includes homepage data display means for displaying homepage data including an anchor having a file name of the file, and the anchor selected in the homepage data is selected by the user. File name transmitting means for transmitting the file name of the anchor to the server, file receiving means for receiving the file corresponding to the file name transmitted from the server, and the file received by the file receiving means 2. A network system comprising: a keyword transmitting means for transmitting the keyword possessed by the server to the server; and an information receiving means for receiving information associated with the keyword. 5. In order to obtain information existing on a network system having a server and a client,
An information acquisition method performed by the server, wherein the server stores a file having a keyword associated with an address indicating a position on the network system of information that can be acquired by the client. Is displayed on the display means of the client, receives the file name of the anchor in the homepage data including the anchor having the file name of the file from the client, and displays the file corresponding to the received file name. Send to the client,
Receiving the keyword contained in the file transmitted from the client, acquiring the information based on the address corresponding to the received keyword, and transmitting the acquired information to the client,
Information acquisition method. 6. A server for acquiring information existing on a network system having a server and a client, the file having a keyword associated with an address indicating a position of the acquired information on the network system. A storage means for storing the file name, a file receiving means for receiving the file name of the anchor from the client in the homepage data displayed on the display means of the client and including the anchor having the file name of the file, A file transmitting means for transmitting a file corresponding to the file name received by the file receiving means to the client, a keyword means for receiving the keyword contained in the file transmitted from the client, and the keyword receiving means. Information transmission means for acquiring the information based on the address corresponding to the received keyword and transmitting the information to the client. 7. A server provided on a network system having a client, wherein a file having a keyword associated with an address indicating a position on the network system of information provided to the client is stored in the server, In the home page data including the anchor having the file name of the file displayed on the display means of the client, the procedure for receiving the file name of the anchor from the client, and the home page data transmitted from the client A procedure for receiving the file name included in the included anchor, a procedure for transmitting a file corresponding to the received file name to the client, and a procedure for receiving the keyword included in the file transmitted from the client And a program for causing the procedure of acquiring the information based on the address corresponding to the received keyword and the procedure of transmitting the acquired information to the client. 8. In order to obtain information existing on a network system having a server and a client,
In the information acquisition method performed by the client, homepage data including an anchor having a file name of a file having a keyword associated with an address indicating a position on the network system of information that can be acquired by the client, When the anchor displayed in the display means of the client is selected by the user and the anchor included in the homepage data is selected by the user, the file name of the selected anchor is transmitted to the server and transmitted from the server. Receiving a file corresponding to the file name, transmitting the keyword included in the received file to the server, and based on the address of the server corresponding to the transmitted keyword, the server Information received from the server, How to get. 9. The client for acquiring information existing on a network system having a server and a client, wherein a keyword associated with an address indicating a position on the network system of information that can be acquired by the client is set. Display means for displaying homepage data including an anchor having a file name of the file having; and, when the anchor included in the homepage data is selected by a user, the file name possessed by the selected anchor is given to the server. A file name transmitting means for transmitting to the server, a file receiving means for receiving a file corresponding to the file name transmitted from the server, and a keyword transmitting means for transmitting the keyword contained in the received file to the server. , The server has, An information receiving unit that receives information acquired by the server from the server based on the address corresponding to the transmitted keyword. 10. An anchor having a file name of a file having a keyword associated with an address indicating a position on the network system of information obtainable by the client, provided to a client provided on a network system having a server. A procedure for displaying home page data including the above on a display means included in the client, and when the anchor included in the home page data is selected by the user, the file name of the selected anchor is stored in the server. A procedure of transmitting, a procedure of receiving a file corresponding to the file name transmitted from the server, a procedure of transmitting the keyword included in the received file to the server,
A program for causing a server to receive information acquired by the server from the server based on the address corresponding to the transmitted keyword. 11. An authentication method performed when the client acquires information existing on a network system having a server and a client, wherein the server has a position on the network system of information that requires authentication. Correspondence data in which an address indicating a password and a password used to authenticate the information are associated is stored,
The client displays homepage data including an anchor having the address and authentication-required data indicating that authentication is required to obtain the information specified by the address on a display unit included in the client, When the anchor included in the homepage data is selected by the user, the address and the authentication required data possessed by the anchor are transmitted to the server, and the server transmits the address and the authentication required transmitted from the client. Upon receiving the data, the client
The user is requested to input the password, the input of the password is waited for by the user, the input password is transmitted to the server, the server receives the password transmitted from the client, and the received the password. The password and the password corresponding to the received address referenced from the corresponding data are compared, and if the two passwords match, the information specified by the address is acquired and transmitted to the client. Then
An authentication method, wherein the client receives the information. 12. In a network system having a server and a client, the server has correspondence data in which an address indicating a position on the network system of information requiring authentication and a password used for authenticating the information are associated with each other. In the homepage data including an anchor having storage means for storing, an address displayed on the client and indicating that the address and the information designated by the address require authentication, Address / authentication required data receiving means for receiving the address and the authentication required data possessed by the specified anchor from the client, and password receiving means for receiving a password input by the user of the client and transmitted from the client And the password Comparing means for comparing the password received by the receiving means with the password corresponding to the received address referred to by the corresponding data, and the result of the comparison by the comparing means is that both passwords match. And information transmission means for acquiring the information specified by the address and transmitting the information to the client, the client including homepage display means for displaying the homepage data and the homepage data included in the homepage data. When an anchor is selected by the user, an address / authentication data transmission means for transmitting the address and the authentication data required by the anchor to the server, an input requesting means for requesting the input of a password, and a user The input means for inputting the password, and the input means Network system characterized in that it includes a password transmitting means for transmitting the password to the server, and an information receiving means for receiving information transmitted by the information transmitting means of the server. 13. An authentication method performed by the server when the client acquires information existing on the network system having the server and the client, wherein the network system of the information that requires authentication. Correspondence data in which an address indicating a position above is associated with a password used for authentication of the information is stored, and the server displays the address and information specified by the address on the client. In home page data including an anchor having authentication required data indicating that authentication is required for acquisition, the address specified by the user and the authentication required data are received from the client,
Receiving the password sent from the client,
The received password is compared with the password corresponding to the received address referenced from the corresponding data, and when both passwords match, the information specified by the address is acquired, Authentication method to send to the client. 14. An address indicating the position on the network system of the server, which is the server that performs authentication when the client acquires information existing on the network system having the server and the client. And a storage unit that stores correspondence data that associates a password used to authenticate the information, and that authentication is required to obtain the address displayed on the client and the information specified by the address. Address / authentication-requiring-data receiving means for receiving from the client the address and the authentication-requiring data of the anchor specified by a user in homepage data including an anchor having the authentication-requiring data represented by Input from and sent from the client Password receiving means for receiving a password, the password received by the password receiving means, and the corresponding data referred to,
As a result of the comparison by the comparison means for comparing the received password with the password corresponding to the received address, if both passwords match, the information specified by the address is acquired and transmitted to the client. A server including: 15. Correspondence data provided on a network system having a client and storing an address indicating a position on the network system of information requiring authentication and a password used for authenticating the information are stored. Specified by the user in the home page data including the anchor displayed on the client, which has the address and the authentication required data indicating that the information specified by the address requires the authentication. The procedure of receiving the address and the authentication required data of the anchor from the client, the procedure of receiving the password transmitted from the client, the received password, and the reference from the corresponding data, Enter the password corresponding to the received address A program for executing the comparison procedure and a procedure for acquiring the information specified by the address and transmitting it to the client when both passwords match. 16. An authentication method performed by the client when the client acquires information existing on the network system having a server and a client, and indicates a position on the network system of information that requires authentication. Homepage data including an anchor having an address and authentication required data indicating that authentication is required to obtain the information specified by the address is displayed on the display means of the client, and is included in the homepage data. When the anchor is selected by the user, the address held by the anchor and the authentication-required data are transmitted to the server, the user is requested to input the password required for authentication, and the password input from the user is requested. Wait, send the entered password to the server, authentication Method. 17. A client provided in a network system having a server and performing authentication when acquiring information existing on the network system from the server or via the server, the authentication being required. Display means for displaying homepage data including an anchor having an address indicating a position of the information on the network system and authentication required data indicating that authentication is required to obtain the information specified by the address; An address for transmitting the address held by the anchor and the authentication required data to the server when the anchor included in the homepage data is selected by the user.
Authentication required data transmitting means, password input requesting means for requesting a user to input a password required for authentication, input means for inputting the password from the user, and the password input by the input means to the server. A client having a password transmitting means for transmitting. 18. When the client acquires information existing on a network system having a server and a client, the client designates an address indicating the position on the network system of the information requiring authentication and the address. To display the homepage data including the anchor having the authentication required data indicating that the authentication is required to obtain the information to be displayed on the display unit of the client, and the anchor included in the homepage data is the user. When selected by, the procedure of transmitting the address and the authentication required data possessed by the anchor to the server, the procedure of requesting the user to input the password required for authentication, and the input of the password from the user Wait and send the entered password to the server. A program for executing the sequence and. 19. An anchor information encoding method performed by the server when the server provides the client with information including an anchor that exists on a network system having a server and a client,
When the address indicating the position on the network system of the information including the anchor is received from the client, the information is acquired based on the address, and a temporary storage location for storing the acquired information is stored. Generating in the server, storing the acquired information in the generated storage location, converting an address of the anchor included in the information into a code different from the address,
An anchor information encoding method, which generates correspondence data in which the address and the converted code are associated with each other, and transmits the information including an anchor having the code to the client. 20. The server according to claim 19, wherein the server is
An anchor information encoding method for erasing the information, the information storage location, and the corresponding data when the information is no longer needed. 21. Address receiving means for receiving from the client an address that is present on a network system having a server and a client and that indicates the position of information including an anchor on the network system, and the address receiving means. Based on the received address, an information acquisition unit that acquires the information specified by the address and a temporary storage location for storing the information acquired by the information acquisition unit are provided in the server. The generating means for generating and storing the acquired information, the converting means for converting the address included in the anchor included in the information into a code different from the address, the address and the converted code are associated with each other. Corresponding data generating means for generating the corresponding data, and the information including the anchor having the code A server for transmitting information to the client. 22. The network of the information including the anchor, which is present on the server when the server provides the client with the information that is present on the network system having the server and the client. When an address indicating a position on the system is received from the client, a procedure for acquiring the information based on the address, and a procedure for generating a temporary storage location for storing the acquired information in the server When,
A step of storing the acquired information in the generated storage location, a step of converting an address included in the anchor included in the information into a code different from the address,
A program for executing a procedure of generating correspondence data in which the address and the converted code are associated with each other, and a procedure of transmitting the information including an anchor having the code to the client. 23. A program executed by a client for controlling a browser for displaying information on a network system to which the client is connected, the program being transmitted to the client from a user via an input means included in the client. A procedure for receiving an instruction including copying or printing of information on the browser given, and if the instruction is copying or printing of the information, delete the instruction and not give it to the browser, or A program for causing a browser to execute a procedure of converting the message into a message without any execution and giving the message to the browser. 24. The procedure according to claim 23, when the client is instructed to copy, the information stored in a temporary storage means for temporarily storing information to be copied is deleted. A program that causes, 25. A browser device for displaying information on a network system, comprising: receiving means for receiving the information from the network system; display means for displaying the information received by the receiving means; Input means for inputting a user's instruction, including copying or printing of information, execution means for executing the user's instruction input by the input means, and user's instruction input by the input means for copying the information Or, in the case of printing, a browser device comprising: an erasing / converting means for erasing the instruction or converting the instruction into an instruction without any execution and giving the instruction to the executing means. 26. The information according to claim 25, wherein the information includes an anchor having an address indicating a position of the information on the network system, and the information received by the receiving unit is copied based on the address held by the anchor. And storage means for storing print / copy permission data indicating whether or not printing is permitted in association with the address, and the erasing / converting means, when the anchor is selected by the input means, When the address of the selected anchor is permitted to be copied or printed by the print / copy permission data, the instruction is input without deleting or converting the instruction input by the input means. A browser device that gives the execution means. 27. A method performed by a client on a network system to prevent copying or printing of information on the network system displayed by the browser, the method comprising: executing the browser, the input being carried by the client. Accepting an instruction including copying or printing of information on the browser given by the user via the means, and if the instruction is copying or printing of the information, delete the instruction and not give it to the browser; Alternatively, a method of preventing copying / printing, in which the browser converts the instruction into an instruction without any execution and gives the instruction to the browser to cause the browser to execute the instruction.