JP2010152690A - Information providing apparatus, information providing portal system, information providing method and information providing program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information providing apparatus, an information providing method and an information providing program that prevent users from manipulating data and reduce processing loads on user devices and the information providing apparatus. <P>SOLUTION: The information providing apparatus is configured to store policy information about each service module, generate a main session ID and a service session ID when connecting the information providing apparatus with a user device, verify whether a service session ID included in request information from the user device is valid on the basis of information in a session information storage part, refer to an identification information storage part for a service module name included in the request information to acquire identification information about the corresponding service module, and call and execute the service module according to the session information corresponding to the service session ID and the identification information. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an information providing apparatus, an information providing portal system, an information providing method, and an information providing program that respond to a user's request.

  For example, a web server or the like is an example of an information providing device that responds to a request from a user device, a web browser or the like is an example of a user device, and a web page is an example of provided information.

  The web server accumulates information such as HTML documents and images, and transmits such information through a network such as the Internet in response to a request from the web browser. This is performed according to the following procedure.

  A user specifies a URL (Uniform Resource Locator) on a web browser. The URL is a description method that indicates the location of information resources (documents, images, etc.) existing on the Internet, and is composed of information type, server name, port number, folder name, file name, etc. (for example, , “Www.test01.example02.com/sample03/index.html”). The web browser extracts the domain from the URL. The domain means a commonly managed area in a computer or network existing on the Internet, and the identifier is called a domain name (for example, “www.test01.example02.com” or the like). The web browser transmits request information to the extracted domain. The request information is information including a method, URL, requested data, and the like.

  The web server dynamically generates a web page and sends response information to the web browser. The response information is information including a status code, a response phrase, response data, and the like. The web page may be composed of an HTML portion in charge of display and a script portion that runs on a web browser such as an executable Java (registered trademark) script. The script can access information on other web pages. However, the accessible range is limited to web pages distributed from the same domain. This limitation is called Same Origin Policy. In other words, a web page in the domain “www.test01.example02.com” can access a web page in the same domain, but cannot access a web page in a different domain “www.test02.example02.com”. .

  There is a method of using a session ID as a method for tracking a user's behavior between web pages and allowing the web pages to be accessed even between different domains. Note that a session means a series of communications, and for example, a period from establishment of a connection to disconnection may be one session. The session ID means an identifier that uniquely identifies this session. The session ID uses information that cannot be guessed by a third party other than the user and the service provider. The session ID issuance procedure is as follows. The web server verifies the legitimacy of the user who sent the request information. If the validity is recognized (authentication), the web server generates and assigns a session ID to the user. Further, the web server stores the user and the session ID in the storage unit. The web server responds to the web browser by instructing the response information to “include this session ID in the request information when visiting a page whose domain / URL path / protocol matches the specification within the validity period”. Include in Thereafter, the web server can identify a series of communications using the session ID included in the request information.

  Here, consider a portal that is composed of a main module and a plurality of service modules and provides information. The service module provides at least part of information provided by the web server. The portal can easily change its function by adding or deleting service modules. For example, it is conceivable to add a service module according to the user's request. In such a case, the plurality of service modules share one session ID. In this case, regardless of the Same Origin Policy, the web page can also access other web pages existing in different domains.

  However, in general, the service module is more likely to have a security hole than the main module due to the difference in the development cost and the technical level of the developer. When sharing one session ID, if one of the service modules is defective, the attacker can steal the session ID, impersonate the user, and damage the entire portal. there is a possibility.

The technology described in Non-Patent Document 1 has a configuration in which one service module corresponds to one domain. Hereinafter, an individual domain corresponding to a service module is referred to as a service domain. The session ID uses an individual ID for each service module. By adopting such a configuration, damage to the entire portal is prevented. Each service module cannot access other service modules in different domains according to Same Origin Policy. In addition, even if the session ID is different and the same origin policy is not used, it is possible that damage to the entire portal is caused as in the case of the prior art, if the configuration allows access to other domains. Therefore, in the technology described in Non-Patent Document 1, data communication between service modules is performed via a user device using a script executed on the user's web browser.
Collin Jackson, Helen J. Wang, "Subspace: Secure Cross-Domain Communication for Web Mashups", [on line], May 8-12 2007, the International World Wide Web Conference Committee (IW3C2), Banff, Alberta, Canada, [ Retrieved on December 9, 2008], Internet <http://www2007.org/papers/paper801.pdf>

  However, the technique described in Non-Patent Document 1 has a problem that data may be falsified by the user because the data passes through the user device (for example, “web browser”). In addition, when each service module wants to acquire data from another service module, it must start the other service module and share information by a script, so that the processing load on the web server and web browser is increased. There is a problem of increasing. There is also a problem that the amount of communication increases.

  The present invention performs information communication between service modules without using a script while enhancing security, prevents falsification of data by a user, and reduces processing load on the user device and the information providing device. An object is to provide a providing device, an information providing method, and an information providing program.

  The information providing technology of the present invention responds to a request of a user device for a service module, and the domain of the information providing device is different from at least a part of the domain of the service module, and stores the service module name and the service module identification information. The main session ID that stores the name of each service module and the authority of the service module as policy information, and uniquely identifies the connection when establishing a connection between the user device and the information providing device, and the user device A service session ID for uniquely identifying the connection between the service module and each service module, storing a value obtainable from the main session ID, a value obtainable from the service session ID, and corresponding policy information as session information, Included in request information from user devices The validity of the service session ID is verified using the information in the session information storage unit, and the identification information of the corresponding service module is obtained by referring to the identification information storage unit using the service module name included in the request information. The service module is called and executed using the session information and identification information associated with the service session ID, and at least a part of the information provided by the information providing apparatus is provided according to the policy.

  According to the information providing apparatus and the information providing method of the present invention, data communication between service modules can be performed without using a script, so that falsification by a user can be prevented. In addition, the processing load on the user device and the information providing device can be reduced. In addition, the amount of communication can be reduced.

  Here, examples of the present invention will be described.

[Information provision portal system 10]
FIG. 1 shows the relationship between the user device 3 and the information providing portal system 10. FIG. 2 shows a configuration example of the information providing portal system 10. The information providing portal system 10 is composed of a main module 100 and one or more service modules 200n (1 ≦ n ≦ N), and in response to a request from a user device 3 (for example, a web browser), a network 5 ( For example, it is a system that provides information via a LAN or the Internet. The user device 3 may mean a web browser or the like, or a computer or the like that implements it. The main module 100 is a module necessary for the information providing portal system to provide information. Details will be described later.

<Service module 200n>
The service module 200n provides at least a part of the information provided by the information providing apparatus 1. For example, it is called by the execution unit 160 of the main module 100 and executed by the execution unit 160 to create a part of a web page provided by the information providing apparatus.

  The main module 100 is mounted on the information providing apparatus 1 constituting the information providing portal system 10. Note that the information providing apparatus 100 on which the main module is mounted also constitutes a part of the information providing portal system 10. The service module 200n may be mounted on the same domain as the main module 100 (for example, service modules 2001 and 2002), or may be mounted on a different domain from the main module 100 (for example, service module 2005). Note that all service modules may be mounted in a different domain from the main module. Hereinafter, the domain in which the main module is mounted is referred to as “main domain”, and the domain in which the service module is mounted is referred to as “service domain”. Therefore, the main domain and each service domain may be the same domain or different domains. However, at least a part of the main domain and the service domain are different. At this time, modules in different domains cannot access each other using a script according to Same Origin Policy. For example, each service module 200n may have a storage unit 208n (not shown) or the like, and may store user personal information or the like in each storage unit 208n. Modules in different domains cannot access other storage units using a script, so that personal information and the like can be managed safely. In a DNS (Domain Name System) server that manages a service domain, the IP address of the information providing apparatus 1 is registered as an IP address corresponding to the service domain. With such a configuration, the user device 3 trying to access the service domain accesses the information providing device 1.

[Information providing apparatus 1]
FIG. 3 shows an example of the processing flow of the information providing apparatus 1. The information providing apparatus 1 includes a communication unit 7, a storage unit 8, a control unit 9, a main module 100, and a service module 200n. The main module 100 includes an identification information storage unit 105, an authentication unit 110, a policy storage unit 120, a generation unit 130, a session information storage unit 140, a verification unit 150, and an execution unit 160.
Note that this embodiment does not limit the content of the invention. For example, the service module 200n may not be provided, and only an external service module may be used.

<Communication unit 7, storage unit 8 and control unit 9>
The information providing apparatus 1 waits for request information to be transmitted from the user apparatus 3 (s1). When the request information is transmitted from the user device 3, the information providing device 1 receives the request information from the user device 3 via the network 5 and the communication unit 7 (s7). Hereinafter, it is assumed that the communication with the information providing apparatus 1 and the user apparatus 3 is performed via the communication unit 7 even if not specifically described. The communication unit 7 is configured by, for example, a LAN adapter or the like, and is connected to a network 5 including a LAN, the Internet, or the like.

  The storage unit 8 may temporarily store the received request information. Hereinafter, unless otherwise indicated, each input / output data and each data in the calculation process are stored / read out in the storage unit 8 one by one, and each calculation process proceeds. However, it is not always necessary to store the data in the storage unit 8, and data may be directly transferred between the units. Note that a policy storage unit 120 and a session information storage unit 140, which will be described later, may be provided as a part of the storage unit 9, or may be provided separately.

  The control unit 9 controls and executes each process in the information providing apparatus 1. For example, when the request information is received via the communication unit 7, the control unit 9 may activate the main module 100.

  The verification unit 150 verifies whether the service session ID is included in the request information from the user device 3. In the first access, since the service session ID is not included in the request information, the processing is transferred to the authentication unit 110 before providing the information. Processing when the service session ID is included in the request information will be described later.

<Identification information storage unit 105>
The identification information storage unit 105 stores in advance an identifier of each service module (for example, the URL of each service module, etc., hereinafter referred to as “service module name”) and service module identification information. FIG. 4 shows an example of data stored in the identification information storage unit 105. For example, an IP address or the like can be considered as the identification information. Any other information such as a MAC address may be used as long as it can identify a device (such as a server) on which the service module is mounted. For example, the domains in the second and third lines in FIG. 4 are “module2.portal.com” and are the same. In this way, a plurality of service modules and identification information may correspond to one service domain. The identification information on the third and fourth lines is “192.168.200.ΔΔΔ”, which is the same. Thus, a plurality of service domains and service modules may correspond to one identification information.

<Authentication unit 110>
FIG. 5 shows a processing flow example of the authentication unit 110. The authentication unit 110 authenticates the user (s110). For example, authentication information is requested to the user apparatus 3 that transmitted the request information (s112). As the authentication information, for example, authentication information used for biometric authentication such as a user ID, a password, and fingerprint information can be considered. The user device 3 transmits authentication information to the information providing device 1. The authentication unit 110 receives the authentication information (s114), refers to an authentication information database (not shown), etc., and confirms the validity of the user device 3 (s116). If the validity cannot be confirmed, an error is output (s117). Further, the request from the user device 3 may be rejected, or the authentication information may be requested again. If the validity can be confirmed, the process proceeds to the generation unit 130 (s118).

  In addition, when authenticating a user using the technology described in Non-Patent Document 1, when a user apparatus accesses each service module, it is necessary to perform authentication by each service module, and the processing amount and communication The amount increases. Further, as described above, the service module is more likely to have a security hole than the main module, and is easily targeted by an attacker. By having the authentication unit 110 in the main module, security can be enhanced by centralized management. In addition, the amount of processing and the amount of communication can be reduced by performing authentication collectively.

  Note that this embodiment does not limit the content of the invention. The authentication unit 110 does not necessarily request authentication information. For example, authentication may be performed using a source IP address obtained when request information is received. In this case, the “user” does not necessarily mean “user itself”, and may mean “user device”, for example. Further, for example, if it is not necessary to confirm the validity of the user device, the authentication unit 110 may not be provided.

<Policy storage unit 120>
The policy storage unit 120 stores in advance the service module name and the authority of the service module as policy information. FIG. 6 shows an example of data stored in the policy storage unit 120. The authority includes an accessible range and processing contents. For example, referring to FIG. 6, this means that the service module “module1.portal.com” has the authority to write to the service module “module2.portal.com”. Further, for example, the accessible range can be limited not only to the service module but also to the data items of the service module. For example, the main module may be configured to “read” only the data item “age” from a certain service module 200n.

<Generator 130>
FIG. 7 shows a processing flow example of the generation unit 130. When establishing a connection between the user device 3 and the information providing device 1, the generation unit 130 uniquely identifies the main session ID for uniquely identifying the connection, and the connection between the user device 3 and each service module 200n. A service session ID to be identified is generated (s130). For example, the generation unit 130 specifies a service module name to be used from the request information (s131), generates a corresponding main session ID and service session ID (s133), and further refers to the policy storage unit 120 to specify the specified service Policy information corresponding to the module name is acquired (s135), and a value obtainable from the main session ID, a value obtainable from the service session ID, and policy information are output to the session information storage unit 140 (s137). Hereinafter, the value that can be obtained from the main session ID, the value that can be obtained from the service session ID, and the policy information corresponding thereto are collectively referred to as session information. The value that can be obtained from the main session ID and the value that can be obtained from the service session ID may be the main session ID, the service session ID itself, or a value that can be obtained therefrom. Good. For example, a hash value that can be obtained from the main session ID and the service session ID, a cryptographically processed value, and the like are conceivable. Since the service session ID is not shared between the service modules, the entire portal is not damaged like the non-patent literature.

The information providing apparatus 1 instructs the service information to include the service session ID when requesting a page whose domain / URL path / protocol matches the specification within the expiration date. Add to response information.
For example, a service session ID is added to subsequent request information using a cookie or the like. The main session ID may be instructed to be included in the request information.

<Session information storage unit 140>
The session information storage unit 140 stores session information (s140). FIG. 8 shows an example of data stored in the session information storage unit 140. For example, for a connection whose main session ID is “osdkmasgaso” and whose service session ID is “agq3qvw4tq24”, the service module “module1.portal.com” corresponds to the service module “module2.portal.com”. You can write. The main session ID manages a session between the main module (or information providing apparatus 1) and the user apparatus 3, and the service session ID manages a session between the service module 200n and the user apparatus 3. Therefore, when calling a plurality of service modules 200n, a plurality of service session IDs correspond to one main session ID. Further, the information providing apparatus 1 can identify the main session ID from the data in the session information storage unit 140 even when only the service session ID is included in the request information. If policy information includes a hash value or a cryptographically processed value that can be obtained from the main session ID and service session ID, even if the session information storage unit 140 is peeped, the attacker Does not know the main session ID and service session ID. Therefore, it is possible to prevent an attacker from impersonating a user. Further, the amount of information stored using a hash value or the like may be reduced.

<Verification unit 150>
FIG. 9 shows a processing flow example of the verification unit 150. The verification unit 150 verifies the validity of the service session ID included in the request information from the user device 3 using the information in the session information storage unit (s150). For example, the verification unit 150 verifies the validity by checking whether or not the service session ID included in the request information from the user device 3 exists in the session information storage unit. The verification unit 150 receives the request information and verifies whether or not the service session ID is included in the request information from the user device 3 as described above (s151). If not included as described above, the process proceeds to the authentication unit 110 (s153). When the service session ID is included in the request information, the session information storage unit 140 is referred to check whether or not this service session ID exists (s155), and if it exists, the process proceeds to the execution unit 160. (S157) If it does not exist, the process proceeds to the authentication unit (s153). Note that a message indicating that the session has expired may be transmitted to the user device 3 before the processing is transferred to the authentication unit. If the session information storage unit 140 stores a hash value or the like of the service session ID, the hash value is obtained from the service session ID included in the request information using the same hash function or the like. To verify.

<Execution unit 160>
FIG. 10 shows a processing flow example of the execution unit 160. The execution unit 160 refers to the identification information storage unit 105 using the service module name included in the request information and acquires the identification information of the corresponding service module. Also, the service module is called and executed using the session information and identification information associated with the service session ID. According to the policy, at least a part of the information provided by the information providing apparatus is provided (s160). For example, the execution unit 160 receives the request information, extracts the service module name from the URL included in the request information, refers to the identification information storage unit 105, and acquires the service module identification information (s161). Furthermore, from the service session ID included in the request information, the session information storage unit 140 is referred to and policy information is acquired (s162). However, it may be configured to receive session information directly from the generation unit 130 without referring to the session information storage unit 140. Whether the request information conforms to the policy information is confirmed (s163). If the request information conforms to the policy information, the service module is called and executed (s165). The processing result is output as at least part of the response information (s166). If not, an error is output (s167).

  The information providing apparatus 1 transmits response information to the user apparatus 3 to provide information. A plurality of service modules may be accessed during one session. In that case, the generation unit 130 generates a plurality of corresponding service session IDs.

  With such a configuration, a service session ID is provided for each service module, and security equivalent to that of the prior art described in Non-Patent Document 1 can be provided. Furthermore, since data communication between service modules can be performed without using a script, tampering by the user can be prevented. In addition, the processing load on the user device and the information providing device can be reduced. In addition, the amount of communication can be reduced.

<Hardware configuration>
FIG. 11 is a block diagram illustrating a hardware configuration of the information providing apparatus 1 according to the present embodiment.
As illustrated in FIG. 11, the information providing apparatus 1 of this example includes a CPU (Central Processing Unit) 11, an input unit 12, an output unit 13, an auxiliary storage device 14, a ROM (Read Only Memory) 15, and a RAM (Random Access). Memory) 16 and a bus 17.

  The CPU 11 in this example includes a control unit 11a, a calculation unit 11b, and a register 11c, and executes various calculation processes according to various programs read into the register 11c. The input unit 12 is an input interface for inputting data, a keyboard, a mouse, and the like, and the output unit 13 is an output interface for outputting data. The auxiliary storage device 14 is, for example, a hard disk, an MO (Magneto-Optical disc), a semiconductor memory, or the like, and stores a program area 14a in which a program for causing the computer to function as the information providing device 1 is stored and various data. It has a data area 14b. The RAM 16 is an SRAM (Static Random Access Memory), a DRAM (Dynamic Random Access Memory), or the like, and has a program area 16a in which the above programs are stored and a data area 16b in which various data are stored. The bus 17 connects the CPU 11, the input unit 12, the output unit 13, the auxiliary storage device 14, the ROM 15, and the RAM 16 so that they can communicate with each other.

  In addition, as a specific example of such hardware, a server apparatus, a workstation, etc. other than a personal computer can be illustrated, for example.

<Program structure>
As described above, each program for executing each process of the information providing apparatus 1 according to the present embodiment is stored in the program areas 14a and 16a. Each program constituting the information providing name program may be described as a single program sequence, or at least a part of the program may be stored in the library as a separate module. In addition, each program may realize each function alone, or each program may read each other library to realize each function.

<Cooperation between hardware and program>
The CPU 11 (FIG. 11) writes the above-described program stored in the program area 14 a of the auxiliary storage device 14 in the program area 16 a of the RAM 16 in accordance with the read OS (Operating System) program. Similarly, the CPU 11 writes various data stored in the data area 14 b of the auxiliary storage device 14 in the data area 16 b of the RAM 16. The address on the RAM 16 where the program and data are written is stored in the register 11c of the CPU 11. The control unit 11a of the CPU 11 sequentially reads these addresses stored in the register 11c, reads a program and data from the area on the RAM 16 indicated by the read address, causes the calculation unit 11b to sequentially execute the operation indicated by the program, The calculation result is stored in the register 11c.

  FIG. 1 is a block diagram illustrating a functional configuration of the information providing apparatus 1 configured by reading and executing the above-described program in the CPU 11 as described above.

Here, the storage unit 8, the policy storage unit 120, and the session information storage unit 140 correspond to any one of the auxiliary storage device 14, the RAM 16, the register 11 c, other buffer memory and cache memory, or a storage area using these in combination. To do. The communication unit 7, the storage unit 8, the control unit 9, the authentication unit 110, the generation unit 130, the verification unit 150, and the execution unit 160 are configured by causing the CPU 11 to execute an information providing program. Is.
Further, the information providing apparatus 1 according to the present embodiment executes each process under the control of each control unit 9.

[Modification 1] Authentication Service Module Only the differences from the first embodiment will be described. The information providing apparatus 1 according to the first modification does not include the authentication unit 110. The information providing portal system 10 includes an authentication service module 2003. Furthermore, an authentication service module 2004 or the like may be provided in order to distribute authentication processing.

  The authentication service module 2003 or the like authenticates the user. For example, in the case of such a configuration, the verification unit 150 receives the request information and verifies whether the request information from the user device 3 includes the service session ID. If it is not included, or if it is included but does not exist in the session information storage unit 140, the authentication service module 2003 is called. The method for calling the authentication service module may be the same as that in the first embodiment or may be another method. As another method, the identification information of the authentication service module may be separately stored in the storage unit 8 and called without referring to the identification information storage unit 105. Next, the execution unit 160 executes the authentication service module. The authentication process is the same as that of the authentication unit 130.

  With such a configuration, a plurality of authentication processes can be performed, and the processes can be distributed. In addition, the strength of authentication can be easily changed for each module. For example, one authentication service module can authenticate only with the user ID and password, but other authentication service modules may require biometric authentication information in addition to the user ID and password. The authentication service module may be in the main domain or outside the main domain.

[Modification 2] Access Restriction by User ID Only the parts different from the first embodiment will be described. The information providing apparatus 1 according to the second modification differs from the first embodiment in the data stored in the policy storage unit 120. FIG. 12 shows an example of data stored in the policy information storage unit 120 of the second modification. The policy storage unit 120 stores policy information indicating a combination of a user name and a service module name and authority for the combination. This will be described with reference to FIG. For example, referring to FIG. 12, in the case of the user “user_A”, the service module “module1.portal.com” is authorized to read the service module “module2.portal.com”. I have the right to write. On the other hand, in the case of the user “user_B”, the service module “module1.portal.com” does not have the right to write to the service module “module2.portal.com”, and has the right to read. It means having.

  For example, when generating the main session ID and the service session ID, the generation unit 130 specifies a service module name and a user to be used from the request information, and generates a corresponding main session ID and service session ID. Further, the policy storage unit 120 is referred to, policy information corresponding to the identified combination of service module name and user is acquired, and the main session ID, service session ID, and policy information are output to the session information storage unit 140.

  With such a configuration, a policy can be set flexibly for each user. The policy information setting change may be performed by the user or by the administrator of the information providing apparatus. In the case of a configuration that is performed by a user, for example, a guardian can restrict access to a harmful site by a minor. Moreover, when it is set as the structure which an administrator performs, it can set so that only the user who applied for a specific service can receive the service. Also, by setting a policy for each service module, it is possible to prepare many variations of service combinations that can be provided by the portal. It is good also as a structure which selects the combination of the prepared service.

The figure which shows the relationship between the user apparatus 3 and the information provision portal system 10. FIG. The figure which shows the structural example of the information provision portal system. The figure which shows the example of a processing flow of the information provision apparatus 1. FIG. The figure which shows the example of data memorize | stored in the identification information storage part 105. FIG. The figure which shows the example of a processing flow of the authentication part 110. FIG. The figure which shows the example of data memorize | stored in the policy memory | storage part. The figure which shows the example of a processing flow of the production | generation part. The figure which shows the example of data memorize | stored in the session information storage part 140. FIG. The figure which shows the example of a processing flow of the verification part 150. FIG. The figure which shows the example of a processing flow of the execution part 160. The block diagram which illustrated the hardware constitutions of the information provision apparatus 1 in a present Example. The figure which shows the example of data memorize | stored in the policy information storage part 120 of the modification 2.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Information provision apparatus 10 Information provision portal system 7 Communication part 8 Storage part 9 Control part 105 Identification information storage part 110 Authentication part 120 Policy storage part 130 Generation part 140 Session information storage part 150 Verification part 160 Execution part

Claims (8)

An information providing device that responds to a request from a user device for a service module,
The domain of the information providing device is different from at least a part of the domain of the service module,
An identification information storage unit for storing each service module name and identification information of the service module;
A policy storage unit for storing each service module name and the authority of the service module as policy information;
When establishing a connection between the user device and the information providing device, a main session ID for uniquely identifying the connection and a service session ID for uniquely identifying the connection between the user device and each service module are generated. A generator,
A session information storage unit that stores a value obtainable from the main session ID, a value obtainable from the service session ID, and corresponding policy information as session information;
A verification unit that verifies the validity of the service session ID included in the request information from the user device using information in the session information storage unit;
Using the service module name included in the request information, the identification information of the corresponding service module is obtained by referring to the identification information storage unit, and the session information and the identification information associated with the service session ID are used. And an execution unit that calls and executes the service module and provides at least part of the information provided by the information providing apparatus according to the policy. The information providing device according to claim 1,
Has a user authentication service module,
The execution unit, when the request information does not include a service session ID, or if the service session ID is included but is not valid, calls the user authentication service module from the predetermined identification information, An information providing device that executes and authenticates a user. The information providing device according to claim 1 or 2,
The policy storage unit stores policy information representing a combination of a user name and a service module name and authority for the combination.
An information providing apparatus characterized by that. An information providing portal system that responds to a user device request for a service module,
One or more service modules that provide at least a part of information provided by the information providing portal system and an information providing apparatus, and a domain of the information providing apparatus is different from a domain of at least a part of the service module,
The information providing apparatus includes:
An identification information storage unit for storing a service module name and service module identification information;
A policy storage unit for storing each service module name and the authority of the service module as policy information;
When establishing a connection between the user device and the information providing portal system, a main session ID for uniquely identifying the connection and a service session ID for uniquely identifying the connection between the user device and each service module are generated. A generator to
A session information storage unit that stores a value obtainable from the main session ID, a value obtainable from the service session ID, and corresponding policy information as session information;
A verification unit that verifies the validity of the service session ID included in the request information from the user device using information in the session information storage unit;
Using the service module name included in the request information, the identification information of the corresponding service module is obtained by referring to the identification information storage unit, and the session information associated with the service session ID and the identification information are used. An execution unit that calls and executes a service module and provides at least part of information provided by the information providing portal system according to a policy;
An information provision portal system characterized by this. An information providing method for responding to a user method request for a service module,
The domain of the information providing apparatus that realizes the information providing method is different from the domain of at least a part of the service module,
The identification information storage unit stores service module name and service module identification information,
The policy storage unit stores each service module name and the authority of the service module as policy information,
When establishing a connection between a user method and an apparatus that implements the information providing method, a main session ID that uniquely identifies the connection, and a service session that uniquely identifies the connection between the user method and each service module A generation step of generating an ID;
A session information storage step of storing a value obtainable from the main session ID, a value obtainable from the service session ID, and corresponding policy information as session information;
A verification step of verifying the validity of the service session ID included in the request information from the user method using information in the session information storage unit;
Using the service module name included in the request information, the identification information of the corresponding service module is obtained by referring to the identification information storage unit, and the session information and the identification information associated with the service session ID are used. And an execution step of calling and executing the service module and providing at least a part of the information provided by the information providing method according to the policy. An information providing method according to claim 5, wherein
The information provision portal system for realizing the information provision method has a service module for user authentication,
If the request information does not include a service session ID, or if the service session ID is included but is not valid, the service module for user authentication is called and executed using predetermined identification information, An information providing method comprising an authentication step of authenticating a user. The information providing method according to claim 5 or 6, comprising:
The policy storage unit stores policy information representing a combination of a user name and a service module name and authority for the combination.
An information providing method characterized by the above.   An information providing program for causing a computer to function as the information providing apparatus according to claim 1.

Images