JP3626662B2 - How to provide application services - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a method and system for providing application services.
[0002]
BACKGROUND OF THE INVENTION
Providing an application service means allowing a user to use an application program for a fee via a computer network, or providing a user with a so-called commercial service via a computer network.
[0003]
Here, the computer network is, for example, the Internet or a wide area network (WAN). As is well known, the Internet is a huge computer network in which networks all over the world are connected to each other using a communication protocol TCP / IP (Transmission Control Protocol / Internet Protocol). TCP / IP is a standard protocol used in the Internet and Intranet, and TCP / IP is a protocol that serves as a basis for HTTP (Hyper Text Transfer Protocol), FTP (File Transfer Protocol), and the like.
Note that HTTP is a protocol used for transmitting and receiving data (HTML documents, image files, music files, video files, etc.) between a Web server and a Web browser. HTTP is a TCP / TCP for each HTML document. This is a stateless protocol for IP connection / data transfer (in addition to an HTML document, an image file associated with the HTML document) / disconnection. HTTP is defined in a technical document rfc (Request For Comments) 2616 published by IETF (Internet Engineering Task Force) (http://www.ietf.org/rfc/rfc2616.txt).
[0004]
The Web server transmits resources (HTML document, image file, music file, video file, etc.) on the server to the Web browser in response to a request from the Web browser. Here, the Web server includes not only a server that simply transmits an HTML document or the like on the server but also a server that executes an application program on the server and transmits an HTML document or the like generated based on the output result. An application program that generates an HTML document based on the output result of the application program is created in a program language such as Perl (Practical Extraction and Report Language), Java, or the like. As is well known, an application program created in Perl can generate a dynamic HTML document using a CGI (Common Gateway Interface) technique.
On the other hand, the web browser receives resources on the server from the web browser, analyzes the resources, and displays or reproduces them on the display or speaker of the user terminal. In addition, the Web browser can also receive input from the user and transmit it to the Web server. Here, examples of Web browsers include Netscape Navigator (Communicator) from Netscape Communications, Internet Explorer from Microsoft, and the like.
[0005]
By the way, a provider that provides an application service, that is, an application service provider (ASP), is a vendor who develops an application program. In other words, vendors themselves develop application programs, develop business process programs (user authentication programs, billing processing programs, etc.), and allow users to use application programs that incorporate business process programs for a fee via a computer network. ing.
[Problems to be solved by the invention]
Current methods and systems for providing application services have the following problems.
[0006]
For example, a plurality of users may naturally use the same application program at the same time. In this case, since the application program needs to generate data such as an HTML document for each of a plurality of users, the processing speed of the application program decreases.
[0007]
Here, in order to prevent a decrease in the processing speed of the application program, the problem can be solved by increasing the processing capability of a server (hereinafter also referred to as “application server”) in which the application program is stored.
However, at present, the cost of the application server is drastically increased as the processing capability is increased. Specifically, the cost of the application server is more than doubled when the CPU (Central Processing Unit) clock frequency, which depends on the calculation speed, and the router communication speed, etc., which depend on the data transmission speed, double. Needless to say. Further, in the current technology, there is an upper limit on the CPU clock frequency and the like. Therefore, since there is a limit to increasing the processing capacity of the application server, when a certain number of users use the same application program at the same time, a decrease in the processing speed of the application program can be prevented. When a very large number of users use the same application program at the same time, the processing speed of the application program decreases.
[0008]
Further, in order to prevent a decrease in the processing speed of the application program, it can be solved by installing a plurality of application servers. That is, the application program is distributed to a plurality of application servers, and the number of users who use the application program stored in one application server is distributed. Thereby, it is possible to prevent a decrease in the processing speed of the application program.
As a result, for example, the same user may naturally use the same application program on a plurality of application servers. That is, the same user starts using the same application program on a certain application server, and the use is temporarily stopped (temporary saving). After that, it may naturally occur that the same user resumes using the same application program on another application server. In this case, since each business process program is incorporated in an application program (user authentication program, billing processing program, etc.), the same user is authenticated in units of application servers, and billing processing is performed for the same user. It will be.
[0009]
Therefore, when the application service provider (ASP) requests payment of the usage fee for the same user, the provider that performs the application service provider collects the result of the charging process for the same user at each of the application servers. Thus, the amount of the usage fee is calculated. In addition, the amount of the usage fee, which is the result of the billing process, is calculated based on the actual data (usage time, number of times used, etc.) of the application program used by the user in the contract between the service provider and user Has been.
[0010]
Here, when the amount of the usage fee in the contract between the application service provider (ASP) and the user is linear with the usage time (actual data) of the user, the usage that is the result of the accounting processing for each application server Simply add the price. As an example, it is assumed that the amount of the usage fee in the contract is 1000 yen per hour (user usage time). Assume that A (user) uses A (application program) on the A server (application server) for 1 hour, and then A uses A on the B server for 2 hours. The server A calculates the amount of usage fee as 1000 yen as a result of the charging process, and the server B calculates the amount of usage fee as 2000 yen as a result of the charging process. On the other hand, it is only necessary to simply add each of the usage charges as a result of the accounting process (1000 yen + 2000 yen).
[0011]
However, in the contract between the application service provider (ASP) and the user, when the amount of the usage fee is not linear with respect to the usage time (actual data) of the user, the usage fee as a result of the accounting processing for each application server You cannot simply add the forehead. For example, the amount of the usage fee in the contract is 1000 yen / hour for a total usage time of up to 1 hour, and 2000 yen / hour for a total usage time of 1 hour to 2 hours. To do. As before, it is assumed that Mr. A uses A for 1 hour on the A server, and then Mr. A uses A for 2 hours on the B server. The server A calculates the amount of the usage fee as 1000 yen as a result of the charging process, and the server B calculates the amount of the usage fee as 3000 yen (1000 yen + 2000 yen) as a result of the charging process. On the other hand, simply adding each of the usage charges as a result of the billing process is 4000 yen (1000 yen + 3000 yen). On the other hand, if Mr. A uses A for 3 hours in the contract, the contract usage fee is 5000 yen (1000 × 1 + 2000 × 2).
[0012]
That is, when the contract usage fee is not linear with the user usage time (actual data), it is not possible to simply add the usage fee, which is the result of the accounting processing for each application server. Therefore, Mr. A must use A on the A server for 1 hour, and then Mr. A must use A again on the A server for 2 hours. That is, the same user must use the same application program on the same application server. As a result, even if the application program is distributed to a plurality of application servers, the number of users who use the application program stored in one application server may not be distributed. As a result, the processing speed of the application program decreases.
[0013]
The present invention has been made in view of the problems in the current method and system for providing an application service, and provides a method and system for providing an application service capable of preventing a decrease in processing speed of an application program. The task is to do.
[0014]
[Means for Solving the Problems]
The invention of claim 1 that solves the above-described problem includes: conversation request data for one application program among application programs stored in a plurality of application servers; authentication certificate data that has been authenticated in advance; The And transmission / reception from the user terminal to one application server in which the one application program is stored Do A first step, the authentication certificate data authenticated in advance, and authentication certificate data stored in advance in a data server; The In the one application server Leave Comparison Shi If it matches, The conversation response data and usage record data for the conversation request data are created by the one application program, and the authentication certificate data and the conversation response data that are authenticated again by the one application server, Transmission / reception to / from the user terminal from the one application server Do Second step and the usage record data The The one application Billing API built into the program To and from the data server Do And a third step of providing an application service.
[0015]
Therefore, according to the first aspect of the present invention, each of the plurality of application servers compares the received authentication certificate data with the authentication certificate data stored in advance in the data server to verify the validity of the received authentication certificate data. Sexuality can be confirmed. That is, each of the plurality of application servers can identify the same user. In other words, user management uniformity can be realized among a plurality of application servers. Accordingly, there is an advantage that the application program can be distributed to a plurality of application servers to prevent a decrease in the processing speed of the application program.
[0016]
According to a second aspect of the present invention, there is provided: conversation request data for another application program among the application programs stored in the plurality of application servers after the third step, and the authentication certificate data re-authenticated. The The user terminal transmits / receives the other application program to another application server. Do A fourth step, the authentication certificate data re-authenticated, and the authentication certificate data stored in advance. The To the other application server Leave Comparison Shi If they match, the conversation response data and usage record data for the conversation request data The The other application program Created by Shi And the conversation response data and authentication certificate data re-authenticated by the other application server; The , Send and receive from the other application server to the user terminal Do Fifth step and the usage record data The The other application Billing API built into the program To and from the data server Do 6. A method for providing an application service according to claim 1, comprising a sixth step.
[0017]
Therefore, according to the invention of claim 2, there is the advantage of the invention of claim 1, and the user transmits the authentication certificate data re-authenticated by one application program to another application program, so that another application You can use the program. As a result, the user can use the same application program on another application server, and can freely use different application programs within the scope of the contract. In this way, since the user is not limited to the same application server, the user is distributed to a plurality of application servers. Thereby, there is an advantage that a decrease in the processing speed of the application program can be prevented.
[0018]
Further, the invention of claim 3 is characterized in that after the third step or the sixth step. In addition, the fourth step, the fifth step and the sixth step are performed once. Run repeatedly 7th step to A method for providing an application service according to claim 1, wherein the method provides an application service.
[0019]
Therefore, according to the invention of claim 3, there is the advantage of the invention of claim 1 or claim 2, and after the user connects from one application server to another application server, the user is stored again in one application server. The same application program can be used. For example, even if the user switches the connection to another application server, the processing speed of other application programs stored in the other application server is not necessarily high. Therefore, when the processing speed of the other application program is low, the user can prevent further reduction in the processing speed of the other application program by resuming the use of the one application program.
[0020]
The invention of claim 4 is the application according to the first aspect. Billing API built into the program And / or said other applications Billing API built into the program Amount data based on usage data received from The To the data server Leave Create Do The method for providing an application service according to any one of claims 1 to 3, further comprising a step.
[0021]
Therefore, according to the invention of claim 4, there is an advantage of any one of the inventions of claims 1 to 3, and usage result data is transmitted from each of the application servers to the data server. Even if the amount is not linear with the user's usage time (actual data), the actual usage data can be collected by the data server and charged, and the amount of usage can be calculated. That is, there is an advantage that the uniformity of billing management can be realized among a plurality of application servers.
[0022]
Further, the invention of claim 5 is the response time data of the application program. The Periodically transmit / receive to / from the data server Do A monitoring step, connection request data for the application program and user identification data before the first step; The And transmission / reception to / from any one of the plurality of application servers from the user terminal Do A login step, the user identification data, and user identification data stored in advance in the data server; The In any one of the application servers Leave Comparison Shi If they match, the authentication certificate data authenticated in advance according to the first step The Stored in the data server Shi , Each of the response time data The Transmission / reception from the data server to any one of the application servers do it Of the response time data each The fastest application server that stores the application program with the shortest response time specify Menu data Create And the previously authenticated authentication certificate data and the menu data The And transmission / reception to / from the user terminal from any one of the application servers Do Authentication step, and based on the menu data Connect to the fastest application server from the user terminal A first application server according to the first step is the first step as the fastest application server. The Execution Do The method for providing an application service according to any one of claims 1 to 4, wherein the application service is provided.
[0023]
Therefore, according to the invention of claim 5, there is the advantage of any one of the inventions of claims 1 to 4, and the response time data of the application program is monitored, so that the processing speed of the application program is reduced. There is an advantage that it can be surely prevented.
[0024]
According to a sixth aspect of the present invention, in the second step and / or the fifth step, the authentication certificate data, the authentication certificate data stored in advance, The Comparison Shi If they match, the authentication certificate data stored in advance The New authentication certificate data to the one application server and / or the other application server Leave Change Shi And the new authentication certificate data The Stored in the data server Do Authentication certificate data re-authenticated, including a step The , Send and receive as the new authentication certificate data Do 6. A method for providing an application service according to claim 1, wherein the application service is provided.
[0025]
The invention of claim 7 is that the authentication certificate data according to the first step is encrypted authentication certificate data encrypted in advance, and the second step and / or the fifth step. Is The above In advance Authentication Authentication certificate data The above To one application server and / or the other application server Leave encryption Generating encrypted authentication certificate data, and generating the encrypted authentication certificate data Store in the data server Do Authentication certificate data re-authenticated, including a step As , Said Encrypted authentication certificate data The Send and receive Do The method for providing an application service according to claim 1, wherein the application service is provided.
[0026]
Therefore Claim 6 Or Claim 7 According to the invention, there is an advantage that forgery of authentication certificate data can be prevented.
[0036]
The current method and system for providing application services also have the following problems.
[0037]
Since it is necessary for vendors themselves to develop business process programs (user authentication programs, billing processing programs, etc.), it is necessary to install facilities (program developers, program development servers, etc.) necessary for developing business process programs. That is, it is necessary for vendors themselves to install facilities necessary for developing business process programs and operate business processes. Since the installation cost of this equipment and the operational cost of business processes are high, only major vendors with a substantial amount of capital are application service providers (ASPs). Therefore, there has been a problem that vendors cannot easily enter the application service provider business.
[0038]
In addition, since the installation cost and business process operation cost required for the development of business process programs are expensive, even major vendors are able to use application programs at a high price for the first time. The current situation is that Therefore, there is a problem that the number or types of application programs available to the user is practically small.
[0039]
Furthermore, since major vendors individually become application service providers (ASPs), the user needs to make a contract in advance for each application service provider (ASP) and pay the application program usage fee. Therefore, there is a problem that the user has complicated administrative procedures such as contracts and payment of usage fees.
[0040]
In claim 13, authentication certificate data previously authenticated by the authentication system is input to the application program,
The pre-authentication authentication certificate data is input to the authentication system via an authentication API (Application Program Interface),
A method for authenticating a user using an authentication function program includes the step of outputting authentication certificate data re-authenticated by the authentication system to the application program via the authentication API.
[0041]
A fourteenth aspect of the present invention is a computer-readable recording medium on which an authentication function program for executing the steps according to the thirteenth aspect is recorded.
[0042]
Therefore, according to the invention of claim 13 or claim 14, the application program can be managed by the user only by incorporating an authentication API (Application Program Interface) into the application program. That is, it is not necessary to develop a user authentication program simply by developing an application program. This has the advantage that vendors can easily enter the business of application service providers.
[0043]
Further, claim 15 is a first step in which conversation request data for an application program is input to the application program;
A second step in which conversation response data for the conversation request data is created by the application program;
A third step in which usage record data for the conversation request data is created by the application program;
And a fourth step in which the usage record data is input to a charging system via a charging API.
[0044]
Therefore, according to the fifteenth aspect of the present invention, the application program can charge the user only by incorporating a charging API (Application Program Interface) into the application program. That is, it is not necessary to develop a billing processing program simply by developing an application program. This has the advantage that vendors can easily enter the business of application service providers.
[0045]
According to a sixteenth aspect of the present invention, a process start time is created by the application program after the first step and before the second step.
A process end time is created by the application program after the second step and before the third step,
16. The user billing method by a billing function program according to claim 15, wherein the third step creates the usage record data based on the process start time and the process end time.
[0046]
Further, according to claim 17, in the third step, the usage record data is created based on a charge item based on the conversation request data and the conversation response data. This is a user charging method using the charging function program.
[0047]
An eighteenth aspect is a computer-readable recording medium on which a charging function program for executing all the steps according to any one of the fifteenth to seventeenth aspects is recorded.
[0048]
Therefore, according to any one of claims 16 to 18, the application program can charge according to the usage mode of the user.
[0049]
Further, according to claim 19, authentication certificate data previously authenticated by the authentication system is received from the user terminal by the application program,
The pre-authenticated authentication certificate data is input to the authentication system via the authentication API;
And authentication certificate data re-authenticated by the authentication system is transmitted to the user terminal from the application program via the authentication API.
[0050]
Further, claim 20 is a first step in which conversation request data for an application program is received by the application program from a user terminal;
A second step in which conversation response data for the conversation request data is created by the application program;
A third step in which usage record data for the conversation request data is created by the application program;
And a fourth step in which the usage record data is input from the application program to the billing system via a billing API.
[0051]
Further, in the twenty-first aspect, a process start time is created by the application program after the first step and before the second step.
A process end time is created by the application program after the second step and before the third step,
21. The charging method for a user by an application program according to claim 20, wherein the third step creates the usage record data based on the processing start time and the processing end time.
[0052]
Further, according to claim 22, in the third step, the usage record data is created based on a charge item based on the conversation request data and the conversation response data. This is a user charging method using the application program.
[0053]
Further, claim 23 is the step according to claim 19,
All the steps as described in any one of Claims 20-22 are included, It is a user's charge and the charge method characterized by the above-mentioned.
[0054]
A twenty-fourth aspect is a computer-readable recording medium on which an application program for executing all the steps according to any one of the nineteenth to twenty-third aspects is recorded.
[0055]
Therefore, according to any one of claims 19 to 24, the application program can authenticate the user and / or charge only by creating the application program incorporating the authentication API and / or the charging API. That is, it is not necessary to develop a user authentication and / or billing processing program simply by developing an application program incorporating the authentication API and / or billing API. This has the advantage that vendors can easily enter the business of application service providers.
[0056]
Further, the present invention provides a log-in step in which user identification data is received from a user terminal to an authentication system stored in an application server;
The user identification data is authenticated by the authentication system;
An authentication step in which authentication certificate data previously authenticated by the authentication system is transmitted from the authentication system to the user terminal;
A first step in which conversation request data for an application program and the pre-authenticated authentication certificate data are received from the user terminal by the application program;
The pre-authenticated authentication certificate data is input to the authentication system via an authentication API embedded in the application program;
The pre-authenticated authentication certificate data is re-authenticated by the authentication system;
A re-authentication step in which authentication certificate data re-authenticated by the authentication system is output to the application program via an authentication API;
A second step in which conversation response data for the conversation request data is created by the application program;
A third step in which usage record data for the conversation request data is created by the application program;
The re-authentication authentication certificate data and the conversation response data are transmitted from the application program to a user terminal;
And a fourth step of inputting the usage record data from the application program to a charging system stored in the data server via a charging API, and a user authentication and charging method by the application server. .
[0057]
A twenty-sixth aspect is a computer-readable recording medium in which an application program and an authentication system program stored in an application server for executing all the steps according to the twenty-fifth aspect are recorded.
[0058]
Therefore, according to the invention of claim 25 or claim 26, the vendor can provide the application service only by storing the application program incorporating the authentication API and the billing API and the authentication system in the application server. That is, there is an advantage that the vendor can easily enter the business of the application service provider.
[0059]
In addition, a login step in which user identification data is transmitted and received from the user terminal to the authentication system stored in the application server,
The user identification data is authenticated by the authentication system;
An authentication step in which authentication certificate data previously authenticated by the authentication system is transmitted from the authentication system to the user terminal;
A first step in which conversation request data for an application program and the pre-authenticated authentication certificate data are transmitted and received from the user terminal to the application program;
The pre-authenticated authentication certificate data is input to the authentication system via an authentication API embedded in the application program;
The pre-authenticated authentication certificate data is re-authenticated by the authentication system;
A re-authentication step in which authentication certificate data re-authenticated by the authentication system is output to the application program via an authentication API;
A second step in which conversation response data for the conversation request data is created by the application program;
A third step in which usage record data for the conversation request data is created by the application program;
The authentication certificate data re-authenticated and the conversation response data are transmitted and received from the application program to the user terminal;
And a fourth step in which the usage record data is input to a charging system stored in a data server from the application program via a charging API.
[0060]
Therefore, according to the invention of claim 27, the vendor can provide the application service only by storing the application program incorporating the authentication API and the charging API and the authentication system in the application server. That is, there is an advantage that the vendor can easily enter the business of the application service provider.
[0061]
Further, since the vendor does not need to develop a user authentication and billing processing program, a new application program can be developed. In this case, the vendor can provide a plurality of application services only by storing the new application program in the application server. That is, there is an advantage that the number or types of application programs available to the user increases.
Here, each of the plurality of application programs can identify the user by one authentication system via the authentication API. In other words, user management uniformity can be realized among a plurality of application programs.
[0062]
Furthermore, when another vendor develops another application program, another vendor also provides an application service by simply storing another application program on the application server with a plurality of application programs and one authentication system. Can do. In other words, the application server can allow a user to use application programs of a plurality of vendors for a fee.
Here, the application programs of a plurality of vendors can calculate the usage amount by totaling the usage record data by a single charging system via the charging API. In other words, the uniformity of billing management can be realized among a plurality of vendors. The accounting system calculates the usage amount for each user and asks the user to pay, while the accounting system calculates the usage amount for each vendor and pays the vendor. Thereby, the user has an advantage that office procedures such as payment of a usage fee are not complicated.
[0063]
Further, in the re-authentication step, the re-authentication step includes a case where the pre-authentication authentication certificate data and the authentication certificate data pre-stored in the authentication data holding system are compared and matched by the authentication system.
The authentication certificate data stored in advance is changed to new authentication certificate data by the authentication system,
And the new authentication certificate data is stored in an authentication data holding system stored in the data server,
28. The method for providing an application service according to claim 27, wherein the re-authenticated authentication certificate data is output as the new authentication certificate data.
[0064]
Further, in claim 29, the authentication certificate data related to the authentication step is encrypted authentication certificate data encrypted in advance by the authentication system,
In the re-authentication step, when the authentication certificate data pre-authenticated and the authentication certificate data pre-stored in the authentication data holding system are compared and matched by the authentication system,
The pre-stored authentication certificate data is encrypted by the authentication system into new encrypted authentication certificate data,
The new encrypted authentication certificate data is stored in an authentication data holding system stored in the data server,
The method for providing an application service according to claim 27 or 28, wherein the re-authenticated authentication certificate data is output as the new encrypted authentication certificate data.
[0065]
Therefore, according to the invention of claim 28 or claim 29, there is an advantage that forgery of authentication certificate data can be prevented.
[0066]
The thirty-third aspect receives user identification data from a user terminal,
Authenticate the user identification data and send pre-authenticated authentication certificate data to the user terminal;
The pre-authenticated authentication certificate data is input from an application program via an authentication API incorporated in the application program,
An authentication system for re-authenticating the pre-authenticated authentication certificate data and outputting the re-authenticated authentication certificate data to the application program via the authentication API;
Receiving the conversation request data and the pre-authenticated authentication certificate data from the user terminal;
Inputting the pre-authenticated authentication certificate data into the authentication system;
The re-authenticated authentication certificate data is output from the authentication system,
Create conversation response data and usage record data for the conversation request data,
Transmitting the authentication certificate data and the conversation response data that are re-authenticated to the user terminal;
An application server comprising: an application program for inputting the usage record data to a charging system stored in a data server via a charging API.
[0067]
The claim 31 stores authentication certificate data previously authenticated by the authentication system stored in the application server from the authentication system,
An authentication data holding system in which authentication certificate data re-authenticated by the authentication system is stored from the authentication system;
And a billing system for inputting usage record data from an application stored in the application server via an authentication API incorporated in the application program.
[0068]
A thirty-second aspect is a system for providing an application service comprising the application server according to the thirty-third aspect and the data server according to the thirty-first aspect.
[0069]
Therefore, according to any one of claims 30 to 32, the vendor can provide the application service only by storing the application program incorporating the authentication API and the charging API and the authentication system in the application server. it can. That is, there is an advantage that the vendor can easily enter the business of the application service provider.
[0070]
Further, since the vendor does not need to develop a user authentication and billing processing program, a new application program can be developed. In this case, the vendor can provide a plurality of application services only by storing the new application program in the application server. That is, there is an advantage that the number or types of application programs available to the user increases.
Here, each of the plurality of application programs can identify the user by one authentication system via the authentication API. In other words, user management uniformity can be realized among a plurality of application programs.
[0071]
Furthermore, when another vendor develops another application program, another vendor also provides an application service by simply storing another application program on the application server with a plurality of application programs and one authentication system. Can do. In other words, the application server can allow a user to use application programs of a plurality of vendors for a fee.
Here, the application programs of a plurality of vendors can calculate the usage amount by totaling the usage record data by a single charging system via the charging API. In other words, the uniformity of billing management can be realized among a plurality of vendors. The accounting system calculates the usage amount for each user and asks the user to pay, while the accounting system calculates the usage amount for each vendor and pays the vendor. Thereby, the user has an advantage that office procedures such as payment of a usage fee are not complicated.
[0072]
The current method and system for providing application services also have the following problems.
[0073]
[Load distribution of application programs]
When connection requests from a plurality of users concentrate on a certain application program A at the same time, the load on the server A storing the application program A increases. In this case, since the processing speed of the application program A is reduced, the response time for the application program A for a plurality of users is delayed, and the network traffic amount of the server A is reduced. At this time, if the load balancer (a device that distributes the load of the conventional application program) measures the network traffic amount of a plurality of servers and the smallest network traffic amount is the server A, the load balancer It will be directed to the application program A of the server A.
In other words, even if the load on the application program is high, the user may connect to the application program, so that there is a problem that the load on the application program cannot always be accurately distributed.
[0074]
[Switch to standby application program]
In addition, because load balancers and clustering (conventional device for switching to a standby application program) perform communication for checking normal operation on a server basis, switching to a standby system in the event of a failure is performed on a server basis. Will be going. Therefore, for example, when a failure occurs in the application program A of a certain server A and the application program B of the server A is operating normally, a failure has occurred in the server A, so the server B switches to the standby server B. It will be. At this time, the user who uses the application program B normally operating on the server A can forcibly terminate the application program B on the server A or change the application program B while the server A switches to the standby server B. It cannot be used.
That is, even if the application program of the server to be connected is operating normally, the application program of the standby server may be switched, so that there is a problem that switching to the standby application program cannot always be performed accurately.
[0075]
The claim 33 is a first step in which conversation request data for an application program is input to the application program;
A second step in which a processing start time is created by the application program after the first step;
A third step in which conversation response data for the conversation request data is output from the application program;
A fourth step in which a processing end time is created by the application program after the third step;
A fifth step in which response time data of the application program is created by the application program based on the processing start time and the processing end time;
A sixth step in which the response time data is input from the application program to a monitoring API (Application Program Interface); a seventh step in which the monitoring request data is input from the monitoring system (agent) to the monitoring API; ,
And an eighth step of outputting the response time data from the monitoring API to the monitoring system (agent).
[0076]
Therefore, according to the invention of claim 33, the response time of the application program can be monitored. Therefore, when loads such as connection requests to the application program are concentrated on one application program, the response time of a plurality of application programs It is possible to cause other application programs to handle the load. That is, a decrease in the processing speed of one application program can be prevented. In other words, there is an advantage that load distribution of the application program can be performed accurately.
[0077]
Further, the 34th aspect of the present invention includes the first step, the second step, the third step, the fourth step, the fifth step, and the sixth step before the eighth step, And a ninth step in which a series of steps of the seventh step is repeated N (N is 1 or more) times,
The eighth step is a result of the ninth step being executed,
The monitoring function program according to claim 33, wherein average response time data based on the N response time data input to the monitoring API is output as response time data according to the eighth step. Is a method for monitoring an application program.
[0078]
Therefore, according to the invention of claim 34, there are advantages of the invention of claim 33, and the response time of the application program can be accurately monitored. Thereby, there is an advantage that load distribution of the application program can be performed more accurately.
[0079]
A thirty-fifth aspect is a computer-readable recording medium on which a monitoring function program for executing all the steps according to the thirty-third or thirty-fourth aspects is recorded.
[0080]
Therefore, according to the invention of claim 35, the response time of the application program can be monitored only by incorporating the monitoring API into the application program. Thereby, there is an advantage that load distribution of the application program can be performed more accurately.
[0081]
Further, claim 36 is a first step in which conversation request data for the application program is received from the user terminal to the application program;
A second step in which a processing start time is created by the application program after the first step;
A third step in which conversation response data for the conversation request data is transmitted from the application program to the user terminal;
A fourth step in which a processing end time is created by the application program after the third step;
A fifth step in which response time data of the application program is created by the application program based on the processing start time and the processing end time;
A sixth step in which the response time data is input to the monitoring API from the application program;
A seventh step in which monitoring request data is input to the monitoring API from a monitoring system (agent);
An application program monitoring method using an application program, comprising: an eighth step in which the response time data is output from the monitoring API to the monitoring system (agent).
[0082]
Further, the 37th aspect includes the first step, the second step, the third step, the fourth step, the fifth step, and the sixth step before the eighth step, And a ninth step in which a series of steps of the seventh step is repeated N (N is 1 or more) times,
The eighth step is a result of the ninth step being executed,
The application program according to claim 36, wherein average response time data based on the N response time data input to the monitoring API is output as response time data according to the eighth step. This is an application program monitoring method.
[0083]
A thirty-eighth aspect is a computer-readable recording medium on which an application program for executing all the steps according to the thirty-sixth or thirty-seventh aspect is recorded.
[0084]
Therefore, according to the invention of any one of claims 36 to 38, the response time of the application program can be monitored. Therefore, when loads such as connection requests to the application program are concentrated on one application program, The load can be processed by another application program having a short response time among the plurality of application programs. That is, a decrease in the processing speed of one application program can be prevented. In other words, there is an advantage that load distribution of the application program can be performed accurately.
[0085]
The claim 39 is a first step in which conversation request data for the application program stored in the application server is received from the user terminal by the application program;
A second step in which a processing start time is created by the application program after the first step;
A third step in which conversation response data for the conversation request data is transmitted from the application program to the user terminal;
A fourth step in which a processing end time is created by the application program after the third step;
A fifth step in which response time data of the application program is created by the application program based on the processing start time and the processing end time;
A sixth step in which the response time data is input from the application program to a monitoring API embedded in the application program;
A seventh step in which monitoring request data is input to the monitoring API from a monitoring system (agent) stored in the application server;
An application program monitoring method by an application server, comprising: an eighth step in which the response time data is output from the monitoring API to the monitoring system (agent).
[0086]
In addition, the 40th aspect includes the first step, the second step, the third step, the fourth step, the fifth step, and the sixth step before the eighth step, And a ninth step in which a series of steps of the seventh step is repeated N (N is 1 or more) times,
The eighth step is a result of the ninth step being executed,
The application server according to claim 39, wherein average response time data based on the N response time data input to the monitoring API is output as response time data according to the eighth step. This is an application program monitoring method.
[0087]
Therefore, according to the invention of claim 39 or claim 40, the response time of the application program can be monitored. Thereby, there is an advantage that the load distribution of the application program can be accurately performed.
[0088]
Further, the 41st aspect includes the first step, the second step, the third step, the fourth step, the fifth step, the sixth step, the seventh step, A ninth step and a tenth step in which a series of steps of the eighth step is repeated M (M is 1 or more) times or more;
As a result of execution of the ninth step,
When the average response time data according to the eighth step is not output M times to the monitoring system (agent),
The failure occurrence data indicating that a failure has occurred in the application program includes an eleventh step created by the monitoring system (agent). It is a monitoring method.
[0089]
Therefore, according to the invention of claim 41, there is the advantage of the invention of claim 39 or claim 40, and the occurrence of a failure can be monitored in units of application programs. As a result, when an application program in which a failure has occurred and another application that operates normally are stored in the application server, it is possible to switch to an application program that waits only for a user who uses the application program in which a failure has occurred. it can. On the other hand, a user who uses another application that operates normally can continue to use the other application. As a result, there is an advantage that switching to the standby application program can be performed accurately.
[0090]
Further, claim 42 is a computer readable recording of an application program and a monitoring system (agent) program stored in an application server for executing all the steps according to any one of claims 39 to 41. Recording medium.
[0091]
Therefore, according to the invention of claim 42, the response time of the application program can be monitored by storing the application program and the monitoring system (agent) in the application server. Thereby, there is an advantage that the load distribution of the application program can be accurately performed.
Further, the occurrence of a failure can be monitored for each application program. As a result, there is an advantage that switching to the standby application program can be performed accurately.
[0092]
A 43rd aspect is the first step in which the conversation request data for each of the application programs stored in the plurality of application servers is transmitted / received from the user terminal to each of the application programs;
A second step in which a processing start time is created by each of the application programs after the first step;
A third step in which conversation response data for each of the conversation request data is transmitted and received from each of the application programs to the user terminal;
A fourth step in which a processing end time is created by each of the application programs after the third step;
A fifth step in which each response time data of the application program is created by each of the application programs based on the processing start time and the processing end time;
A sixth step in which the response time data is input from the application program to each of the monitoring APIs embedded in the application program;
A seventh step in which monitoring request data is input to the monitoring API from each of the monitoring systems (agents) stored in the application server;
An eighth step in which the response time data is output from each of the monitoring APIs to each of the monitoring systems (agents);
A monitoring step comprising: a ninth step in which the response time data is stored in each of the server lists stored in the data server from each of the monitoring systems (agents);
A dynamic menu generation system in which connection request data for any one of the application programs is stored in any one application server in which any one application program is stored from a certain user terminal. Steps sent and received,
Response time data stored in each of the server lists is input from the data server to the dynamic menu generation system,
Menu data that can identify the fastest application server in which the application program with the shortest response time is stored among each of the response time data is created by the dynamic menu generation system,
The menu data includes a dynamic menu step transmitted and received from the dynamic menu generating system to the certain user terminal. A method for providing an application service, comprising:
[0093]
Therefore, according to the invention of claim 43, since the response time data of the application program is monitored, a certain user can be directed to the fastest application server. Thereby, there is an advantage that the load distribution of the application program can be accurately performed.
[0094]
According to a 44th aspect of the present invention, the monitoring step includes the first step, the second step, the third step, the fourth step, the fifth step, and the eighth step before the eighth step. A sixth step and a tenth step in which a series of steps of the seventh step is repeatedly executed N (N is 1 or more) times,
As a result of the execution of the tenth step, the eighth step is
Average response time data based on the N response time data input to each of the monitoring APIs is output as each of the response time data according to the eighth step,
In the server list according to the ninth step, each of the average response time data is stored as each of response time data,
In the dynamic menu step, each of the average response time data is output from the data server as each of response time data related to the dynamic menu step,
44. The method of claim 43, wherein the menu data is created as each of the average response time data as response time data according to the dynamic menu step. .
[0095]
Therefore, according to the invention of claim 44, there are advantages of the invention of claim 43, and response time data of the application program can be accurately monitored. Thereby, there is an advantage that load distribution of the application program can be performed more accurately.
[0096]
Further, the monitoring step includes the first step, the second step, the third step, the fourth step, the fifth step, and the sixth step, An eleventh step in which a series of steps of the seventh step, the tenth step, and the eighth step is repeated M (M is 1 or more) times;
As a result of the execution of the tenth step,
If the average response time data according to the eighth step is not output M times from a certain monitoring API among the monitoring APIs to the monitoring system (agent), there is a failure in an application program in which the certain monitoring API is incorporated. A twelfth step in which failure occurrence data indicating that a failure has occurred is created by a monitoring system (agent) stored in a certain application server in which the certain application program is stored;
The failure occurrence data comprises a thirteenth step in which the failure data is stored in a server list of the server list from the certain monitoring system (agent);
In the dynamic menu step, when failure occurrence data stored in the certain server list is input from the data server to the dynamic menu generation system, the menu data is an application that created the failure occurrence data. 45. The method for providing an application service according to claim 44, wherein the fastest application server excluding the server can be specified.
[0097]
Therefore, according to the invention of claim 45, there is the advantage of the invention of claim 43 or claim 44, and the occurrence of a failure can be monitored in units of application programs. As a result, when an application program in which a failure has occurred and another application that operates normally are stored in the application server, it is possible to switch to an application program that waits only for a user who uses the application program in which a failure has occurred. it can. On the other hand, a user who uses another application that operates normally can continue to use the other application. As a result, there is an advantage that switching to the standby application program can be performed accurately.
[0098]
Further, the monitoring step in which response time data of an application program is periodically transmitted and received from each of the plurality of application servers to the data server;
Connection request data for any one of the application programs is transmitted / received from any user terminal to any one application server storing the any application program;
Each of the response time data is transmitted and received from the data server to any one of the application servers,
And the menu data which can specify the fastest application server in which the application program with the shortest response time is stored among each of the response time data is transmitted and received from the any one application server to the certain user terminal, Is an application program monitoring method including
[0099]
Therefore, according to the invention of claim 46, since the response time data of the application program is monitored, a certain user can be directed to the fastest application server. Thereby, there is an advantage that the load distribution of the application program can be accurately performed.
[0100]
DETAILED DESCRIPTION OF THE INVENTION
A method and system for providing an application service according to an embodiment of the present invention will be described below with reference to the drawings.
[0101]
(Embodiment 1)
First, a system for providing an application service according to the first embodiment of the present invention will be described with reference to FIG.
FIG. 5 is a block diagram showing a configuration example of a system that provides an application service according to the first embodiment of the present invention.
[0102]
First, referring to FIG. 5, a system for providing an application service according to the first embodiment includes a user terminal (100) that uses an application program and a plurality of application servers (300, 400,. And a data server (500) for storing various data.
Here, the user terminal (100) and each of the plurality of application servers (300, 400,...) Are configured to be mutually connectable via the computer network (200). The data server (500) and the one or more application servers (300, 400,...) Are mainly composed of a comprehensive information communication network (LAN) used in the same organization, a public line, Alternatively, they can be connected to each other via a dedicated line or the like. The user terminal (100), the plurality of application servers (300, 400,...), And the data server (500) can be connected to each other via the computer network (200). Good.
The computer network (200) is, for example, the Internet, a wide area network (WAN), or the like. Further, the computer network (200), the LAN, etc., regardless of wired or wireless, between the user terminal (100) and the application server (300, 400,...), The user terminal (100) and the data server (500) ), Between the application server (300, 400,...) And the data server (500), and between the user terminal (100), the application server (300, 400,...), And the data server (500). As long as it is for transmitting and receiving data to and from each other.
[0103]
The user terminal (100) includes a Web browser (101) that enables access to the home page via the computer network (200), display means (not shown) that can display the home page, characters, symbols, and the like Input means (not shown) such as a keyboard (button) and a mouse.
Here, the user terminal (100) is, for example, a personal computer (desktop personal computer, notebook personal computer), a mobile phone, or the like.
[0104]
Each of the plurality of application servers (300, 400,...) Includes storage means for storing resource data (not shown) such as HTML document data, an authentication system (301) for authenticating the user, A dynamic menu generation system (302) that dynamically generates a menu; an application program A (310,...) Provided for a fee via a computer network (200); and a Web server (390). .
Each of the application programs A (310) includes an authentication API (303) and a charging API (304).
Further, the web server (390) communicates with the web browser (101) of the user terminal (100) by HTTP. That is, the Web server (390) relays communication between the authentication system (301), the dynamic menu generation system (302), and the application program A (310), and the Web browser (101).
Here, the application server (300, 400,...) Is, for example, a so-called server (an office computer having a large storage capacity such as a hard disk), a personal computer, or the like.
[0105]
The data server (500) includes an authentication data holding system (501) for storing data necessary for user authentication (including a user ID, password, terminal identifier, etc.) and a list of available application programs agreed in advance for each user. And a billing system (503) for accumulating usage record data and creating a bill for each user application program.
Here, the data server (500) is, for example, a so-called server or a personal computer.
[0106]
Of the components of the system that provides the application service according to the first embodiment, the authentication system (301), the dynamic menu generation system (302), the authentication API (303), and the accounting API (304) The authentication data holding system (501), the menu data holding system (502), and the charging system (503) have the functions of the present invention, and these components are called ASP-based systems.
[0107]
Next, a system and method for preparing to provide an application service as a premise of the method and system for providing an application service according to an embodiment of the present invention will be described with reference to FIGS. To do. The system method for preparing to provide an application service includes a method for preparing an application program (steps A1 to A5) and a method for registering a user who uses the application program (steps B1 to B5). .
FIG. 1 is a block diagram showing a configuration example of a system for preparing for providing an application service. FIG. 2 is a flowchart for explaining a method for preparing an application program.
[0108]
An authentication system (301), a dynamic menu generation system (302), an authentication API (303), and a billing API (304) are stored in the application server 1 (300) in advance. . The remaining authentication data holding system (501), menu data holding system (502), and billing system (503) of the ASP base system are stored in the application server 1 (300). The server storing the ASP infrastructure system is not limited to the application server 1 (300), but may be any server that can store the ASP infrastructure system.
In addition, the developed application program is stored in the vendor terminal (700).
[0109]
[Step A1]
(How to prepare an application program)
An ASP infrastructure system (authentication system (301), dynamic menu generation system (302), authentication API (303), billing API (304)) related to the application server 1 (300) is a public line or dedicated line (220), Alternatively, the application server 1 (300) is provided via an auxiliary storage medium (230) such as a magneto-optical disk (MO: Magneto Optical disk), an optical disk (CD: Compact Disk, DVD: Digital Versatile Disk), a floppy disk (FD: Floppy Disk), or the like. ) To the vendor terminal (700).
[0110]
[Step A2]
In order to adapt the developed application program to the ASP platform system, the provided authentication API (303) and charging API (304) are incorporated into the application program developed by the vendor terminal (700).
[0111]
[Step A3]
Since the application server 2 (400) also provides application program services, the provided authentication system (301) and dynamic menu generation system (302) are connected from the vendor terminal (700) via the LAN (210) to the application server 2 ( 400) and stored. Here, the authentication system (301) and the dynamic menu generation system (302) of the ASP base system may be installed in the application server 2 (400) via the public line (220, 230). Needless to say.
[0112]
[Step A4]
An application program (310) in which an authentication API (303) and a charging API (304) are incorporated is transferred from the vendor terminal (700) to the application server 1 (300) and the application server 2 (400) via a LAN or the like (210, 220, 230). ) Installed and stored via.
[0113]
[Step A5]
Application information (function outline, detailed explanation, link to demo program, contract conditions (including price list)) of application program (310) stored in application server 1 (300) and application server 2 (400) is data It is registered and stored in the server (500).
[0114]
When a plurality of application programs (310, 320,...) Are stored in each of the plurality of application servers (300, 400,...), The application programs (310, 320,...) Are stored. Application information for each of these is registered and stored in the data server (500).
[0115]
FIG. 3 is a flowchart for explaining a user registration method using an application program.
[0116]
[Step B1]
(Registering users who use application programs)
First, the user terminal (100) connects to the data server (500).
[0117]
[Step B2]
On the other hand, the data server (500) transmits application information to the user terminal (100). The data server (500) searches for application information in which the search condition input from the user terminal (100) matches a part of the function outline included in the application information, and the application information that matches the search condition is retrieved by the user. A means for transmitting to the terminal (100) is provided.
[0118]
[Step B3]
The user terminal (100) inputs search conditions, receives application information, and displays it on display means (not shown) of the user terminal (100). Here, for example, the application information display screen shown in FIG. 4 is displayed on the display means of the user terminal (100).
Referring to FIG. 4, the displayed application information display screen is a list of application names (for example, Japanese-English translation, encyclopedia) and function outlines. Here, the user can click each button of “detail display button”, “demo display button”, and “charge display button” displayed on the display means with the mouse. When the “detail display button” is clicked, a function detail explanation screen (not shown) of the application program is displayed on the display means. When the “demo display button” is clicked, the application program demo program is executed, and an application demo screen (not shown) is displayed on the display means. In addition, when the “detail display button” is clicked, a contract condition screen (not shown) indicating contract conditions such as a fee table is displayed on the display means.
[0119]
[Step B4]
When the user decides the application program (encyclopedia) to be used, the user checks the “radio button (selection)” of the application program (● in FIG. 4) and clicks the “contract application button”.
Thereafter, a user registration screen (not shown) is displayed on the display means of the user terminal (100), and the user is required to register user information (company name, responsible person name, address, telephone number, payment method, terminal identifier, etc.) ) Is transmitted to the data server (500). Here, the terminal identifier is the IP address (IP address) or the fully qualified domain name (FQDN) of the user terminal (100). For example, the IP address is 192.168.001.001, and the FQDN is www. ○○○. co. jp.
[0120]
[Step B5]
On the other hand, the data server (500) receives necessary user information from the user terminal (100) and issues user information (user ID (user identification data), password) necessary for use. The data server (500) includes user information (user ID, password, company name, responsible person name, address, telephone number, payment method, terminal identifier, etc.) added to the user information necessary for registration plus the user information necessary for use. ) Is registered and stored.
[0121]
[Step B6]
The data server (500) sends information necessary for use (user ID, password) to the user terminal (100) for notification.
[0122]
Next, a method for providing an application service according to the embodiment of the present invention will be described with reference to FIG.
[0123]
[Step C1: Login step]
Connection request data for the application program is transmitted / received from the user terminal (100) to any one of the plurality of application servers (300, 400,...). Here, the application server 1 (300) receives the connection request data via the Web server (390) by the authentication system (301). On the other hand, the application server 1 (300) transmits login screen data from the authentication system (301) to the user terminal (100) via the Web server (390).
On the other hand, when the user terminal (100) receives the login screen data via the Web browser (101), the login screen is displayed on the display means of the user terminal (100). Next, the user inputs a login ID (user identification data) and a password, and transmits them to the application server 1 (300). On the other hand, the application server 1 (300) inputs a login ID (user identification data) and a password to the authentication system (301) via the Web server (390).
[0124]
Since packet data of login ID (user identification data) and password is transmitted / received from the user terminal (100) to the application server 1 (300) by the IP protocol, the packet data is always transmitted from the transmission source (user terminal (100 ) And the transmission destination (IP protocol of the application server 1 (300)).
Therefore, the application server 1 (300) receives the login ID (user identification data) and the password, and extracts the IP address (terminal identifier) of the user terminal (100) from the packet data to the authentication system (301). You can also enter it.
[0125]
[Step C2: Authentication step]
Next, the approval system (301) compares the input login ID (user identification data) and password with the user ID (user identification data) and password stored in advance in the authentication data holding system (501). . As a result of this comparison, when the input login ID and password match the user ID and password stored in advance, the authentication system (301) authenticates the user of the user terminal (100). At this time, the authentication system (301) creates authentication certificate data including the user ID and the time of authentication, and stores it in the authentication data holding system (501).
Here, when the authentication certificate data includes the authentication time, the authentication certificate data can have an expiration date. Further, by including the time when the authentication certificate data is authenticated together with the user ID, unique authentication certificate data that is different every time at the time of approval can be created. There is an advantage that the authentication certificate data can be prevented from being counterfeited because the authentication certificate data is managed in time by the expiration date, or the authentication certificate data is different every time at the time of approval. In addition, by creating authentication certificate data encrypted by the authentication system (301), it is possible to enhance prevention of forgery of authentication certificate data.
[0126]
When the IP address (terminal identifier) is input, the authentication system (301) can further compare the input IP address (terminal identifier) with the terminal identifier stored in advance. As a result of this comparison, when the input login ID, password, and terminal identifier exactly match the user ID, password, and terminal identifier stored in advance, the authentication system (301) It is also possible to authenticate (100) users. As a result, the authentication system (301) can correctly authenticate only a legitimate user even if the login ID and password that are temporarily input are forged.
[0127]
[Step C3]
Next, the authentication system (301) activates the dynamic menu generation system (302) and inputs authentication certificate data to the dynamic menu generation system (302).
[0128]
[Step C4]
On the other hand, the dynamic menu generation system (302) acquires from the menu data holding system (702) an application program list that the user has contracted in advance with the user ID of the input authentication certificate data as a key.
Next, the dynamic menu generation system (302) acquires the server list from the menu data holding system (702) using the application program name of the acquired application program list as a key.
Here, when there are a plurality of acquired server lists, the dynamic menu generation system (302) acquires the error status and the average response time from the plurality of server lists.
Next, the dynamic menu generation system (302) selects a server list in which the extracted error status is in service and the extracted average response time is the minimum.
Next, the dynamic menu generation system (302) acquires a program file name and a server terminal identification name related to the selected server list.
Next, the dynamic menu generation system (302) dynamically creates menu data including URI (Universal Resource Identifier) information based on the acquired program file name and server terminal identification name.
The URI is defined in the technical document rfc2396 published by IETF (http://www.ietf.org/rfc/rfc2396.txt). Further, URI is synonymous with URL (Universal Resource Locator).
[0129]
[Step C5]
Next, the dynamic menu generation system (302) transmits the menu data and the authentication certificate data to the user terminal (100) via the Web server (390). When the authentication certificate data is encrypted, only the encrypted authentication certificate data is transmitted to the user terminal (100).
On the other hand, the user terminal (100) receives the menu data and the authentication certificate data from the Web server (390) via the Web browser (101). Here, the Web browser (101) primarily holds the authentication certificate data as a cookie.
[0130]
[Step C6]
When the user selects the application program A (310) on the user terminal (100), the user terminal (100) communicates with the application program A (310) stored in the application server 1 (300) according to the URI of the menu data. Request data (message) is transmitted to the application program A (310) via the Web browser (101). At this time, the user terminal (100) transmits the authentication certificate data as a cookie.
On the other hand, the application program A (310) receives the conversation request data (message) and the authentication certificate data by the application program A (310) via the Web server (390).
[0131]
[Step C7]
The application program A (310) sets the authentication certificate data in the authentication API (303) incorporated in the application program A (310). Here, the API (Application Program Interface) is a mechanism for using an external program such as an authentication system (301) and a charging system program (503) from within the application program A (310). More specifically, the API is defined by a sequence of class name, method name, and argument.
That is, the application program A (310) inputs the authentication certificate data to the authentication system (301) via the authentication API (303). Here, the authentication API (303) sends the authentication certificate data to the authentication system (301) and confirms the validity of the authentication certificate data.
[0132]
[Step C8: Re-authentication step]
On the other hand, the authentication system (301) compares the authentication certificate data input via the authentication API (303) with the authentication certificate data authenticated in advance. If the input authentication certificate data matches the authentication certificate data stored in advance as a result of this comparison, the authentication system (301) authenticates the user of the user terminal (100) again. At this time, the authentication system (301) creates authentication certificate data including the user ID and the time of re-authentication and stores the authentication certificate data in the authentication data holding system (501). In other words, the authentication system (301) updates the authentication time of the authentication certificate and stores it in the authentication data holding system (501).
Next, the authentication system (301) outputs the re-authenticated authentication certificate data to the application program A (310) via the authentication API (303).
[0133]
[Step C9]
Next, the application program A (310) creates conversation response data (message) for the conversation request data (message).
Next, the application program A (310) transmits the created conversation response data (message) and the re-authenticated authentication certificate to the user terminal (100) via the Web server (390).
On the other hand, the user terminal (100) receives the created conversation response data (message) and the re-authenticated authentication certificate from the Web server (390) via the Web browser (101). Here, the re-authenticated authentication certificate is transmitted and received as a cookie from the Web server (390) to the Web browser (101).
Thereafter, every time a message is transmitted / received between the user terminal (100) and the application A (310), authentication certificate data is authenticated and updated. Accordingly, it is possible to further strengthen the prevention of forgery of authentication certificate data.
[0134]
[Step C10]
When the user finishes using the application program A (310), the usage record data is output to the charging system (503) via the charging API (304).
[0135]
[Step C11]
The URI included in the menu data in step C6 can specify the application program A (310) stored in the application server 1 (300). That is, in step C4, since the average response time of the application program A (310) stored in the application server 1 (300) is minimum, the URI is stored in the application program A (300) stored in the application server 1 (300). 310) could be specified.
However, when the average response time of the application program A (310) stored in the application server 2 (400) is minimum, the URI related to the menu data created by the dynamic menu generation system (302) is the application server 2 ( 400), the application program A (310) stored can be specified.
In this case, when the user selects the application program A (310) on the user terminal (100), the user terminal (100) is stored in the application server 2 (400) according to the URI of the menu data. ) Is sent to the application program A (310) via the Web browser (101). At this time, the user terminal (100) transmits the authentication certificate data as a cookie.
On the other hand, the application program A (310) stored in the application server 2 (400) sends the conversation request data (message) and the authentication certificate data to the application program A (310) via the Web server (390). Receive.
[0136]
[Step C12]
The application program A (310) inputs the authentication certificate data to the authentication system (301) via the authentication API (303).
[0137]
[Step C13]
On the other hand, the authentication system (301) compares the authentication certificate data input via the authentication API (303) with the authentication certificate data authenticated in advance. If the input authentication certificate data matches the authentication certificate data stored in advance as a result of this comparison, the authentication system (301) authenticates the user of the user terminal (100) again. At this time, the authentication system (301) creates authentication certificate data including the user ID and the time of re-authentication and stores the authentication certificate data in the authentication data holding system (501).
Next, the authentication system (301) outputs the re-authenticated authentication certificate data to the application program A (310) via the authentication API (303).
[0138]
As described above, the application server 1 (300) and the application server 2 (400) receive the authentication certificate data by the mechanism of the cookie and store it in the authentication data holding system (501) via the authentication system (301). The validity of the received authentication certificate data can be confirmed in comparison with the authentication certificate data. That is, in addition to the application program A (310) stored in the application server 1 (300) to which the user first logged in, the application stored in the application server 2 (400) different from the application server 1 (300) that logged in first. Program A (310) can also identify the same user. In other words, user management uniformity can be realized among a plurality of application servers.
[0139]
[Step C14]
When the user finishes using the application program A (310), the usage record data is output to the charging system (503) via the charging API (304).
When the application program has a unique usage record data output function, the application program has a function of converting to a unified usage record data format and transmitting it to the billing system (503) by file transfer.
[0140]
Next, a method for providing an application service according to an embodiment of the present invention will be briefly described with reference to FIGS.
FIG. 6 is a flowchart when the user uses an application program stored in the application server 1 (300).
[Step D1]
The user terminal (100) is connected to the application server 1 (300).
[Step D2]
The application server 1 (300) transmits a login screen to the user terminal (100).
[Step D3]
The user terminal (100) transmits a user ID and a password to the application server 1 (300).
[Step D4]
The application server 1 (300) checks the user ID, the password, and the terminal identifier of the user terminal (100) as necessary.
[Step D5]
When the user terminal (100) selects an application program, the user terminal (100) connects to the application server 1 (300) according to the URI.
[Step D6]
The application server 1 (300) starts the application program selected according to the URI.
[Step D7]
The user uses the application program on the user terminal (100) and ends.
[Step D8]
When the user terminates the application program on the application server 1 (300), usage result data is accumulated.
[0141]
FIG. 7 is a flowchart when the user uses an application program stored in the application server 2 (400).
[Steps E1 to E4]
The same as steps D1 to D4.
[Step E5]
When the user terminal (100) selects an application program, the user terminal (100) connects to the application server 2 (400) according to the URI.
[Step E6]
The application server 2 (400) activates the application program selected according to the URI.
[Step E7]
The user uses the application program on the user terminal (100) and ends.
[Step E8]
When the user terminates the application program on the application server 2 (400), usage result data is accumulated.
[0142]
FIG. 8 is a flowchart of charging.
[Step F1]
The data server (500) totals the usage record data that is periodically accumulated for each application for each user.
[Step F2]
The data server (500) executes billing processing, issues an invoice, and sends it to the user by e-mail, mail or the like.
[Step F3]
The user pays the usage fee to the data server (500) by electronic money, a credit card, an account transfer or the like.
[Step F4]
The data server (500) totals application usage fees for each vendor.
[Step F5]
The data server (500) pays the application usage fee to the vendor terminal (700) by electronic money, account transfer or the like.
[0143]
Next, a method for incorporating the authentication API (303) and the charging API (304) according to [Step A2] into the application program will be described with reference to FIG. 9 and FIG.
FIG. 9 is a flowchart showing a method of incorporating the authentication API (303) into the application program. A method of incorporating the authentication API (303) into the application program will be described with reference to this flowchart.
First, a flow for processing an input message of a general application program before installation will be described.
[0144]
[Step G1]
The application program receives a message (conversation request data) from the user terminal (100).
[Step G2]
The application program compares whether the received message ID is equal to the process ID. If the received message ID is equal to the process 1, the corresponding process 1 is executed (to step G5). If the received message ID is not equal to process 1, it is compared whether it is equal to the next process ID (to step G3).
[Step G3]
The application program compares whether the received message ID is equal to process 2. If the received message ID is equal to the process 2, the corresponding process 2 is executed (to step G6). If the received message ID is not equal to process 2, it is compared with the next process ID (to step G4).
[Step G4]
The application program compares whether the received message ID is equal to the process n. If the received message ID is equal to the process n, the corresponding process n is executed (to step G7). If the received message ID is not equal to the process n, an error process is performed (to step G8).
[Step G5]
The application program processes the received message 1 and sends the result to the user terminal (100) in the HTML document format.
[Step G6]
The application program processes the received message 2 and sends the result to the user terminal (100) in the HTML document format.
[Step G7]
The application program processes the received message and sends the result to the user terminal (100) in the HTML document format.
[Step G8]
If the received message ID does not match the last process ID, the application program transmits an error message to the user terminal (100).
[0145]
Next, a method for incorporating the authentication API (303) into the application program will be described.
The following steps H1 to H6 are inserted between step G1 and step G2.
In step C5, the dynamic menu generation system (302) transmits the encrypted authentication certificate data to the user terminal (100). In step C6, the encrypted authentication certificate data is transmitted to the user terminal (100). ) To the application program.
[Step H1]
The application program receives the encrypted authentication certificate data from the user terminal (100) as a cookie.
[Step H2]
The application program sets the encrypted authentication certificate data as an argument of the authentication API (303).
[Step H3]
The application program calls the authentication API (303).
[Step H4]
The application program checks the value returned from the authentication API (303). If it is an invalid code, go to Step H5.
[Step H5]
The application program displays an error message and a login screen.
[Step H6]
The application program transmits the new encrypted authentication certificate data returned from the authentication API (303) to the user terminal (100) as a cookie.
A program for executing steps H1 to H6 is referred to as an authentication function program.
[0146]
FIG. 10 is a flowchart showing a method of incorporating the charging API (304) into the application program. A method of incorporating the authentication API (303) into the application program will be described with reference to this flowchart.
Step I2 is the process of the original application, and is the process shown by steps H5 to H7 in FIG. Step H1 is inserted immediately before step I2 (steps H5 to H7), and steps I3 to I5 are inserted after step I2.
[Step I1]
The application program acquires the machine time as the processing start time immediately before step I2.
[Step I2]
The application program processes and measures the usage amount to be charged.
[Step I3]
The application program acquires the machine time as the processing end time immediately after step I2.
[Step I4]
The application program creates usage record data (including user identification name, process start time, process time (= process end time-process start time), usage amount to be charged, etc. collected in step I2). (Refer to utilization result data (503-2) shown in FIG. 15.)
[Step I5]
The application program calls the billing API (304).
A program for executing steps I1 to I5 is referred to as a charging function program.
[0147]
(Embodiment 2)
Next, a method and system for providing an application service according to the second embodiment of the present invention will be described with reference to FIG.
FIG. 12 is a block diagram showing a configuration example of a system that provides an application service according to the second embodiment of the present invention.
Although the system according to the first embodiment of the present invention shown in FIG. 5 is composed of a plurality of application servers (300, 400,...), The system according to the second embodiment shown in FIG. (300).
[0148]
Next, a method for providing an application service according to an embodiment of the present invention will be described with reference to FIGS. 12 and 13 to 15.
Incidentally, this corresponds to Step C1 to Step C14.
[0149]
[Step L1]
The user connects to the application server 1 (300) established on the computer network (200) using the Web browser (101) of the user terminal (100).
[0150]
[Step L2]
The authentication system (301) sends login screen data to the user terminal (100) via the Web server (390).
[0151]
[Step L3]
The user inputs a login ID (user identification data) and a password from the login screen displayed on the display means of the user terminal (100).
[0152]
[Step L4]
The authentication system (301) receives the login ID and password received from the user terminal (100) and the terminal identifier of the user terminal (100) from the Web server (390). All or a combination of all of the user identification name, password, and terminal identifier, and authentication data (user ID, password, terminal received) from the authentication data holding system (501) using the login ID as a key The identifier is included (see FIG. 13. Authentication data 501-1). If they match, it is judged as normal, and if they do not match, it is judged as above.
[0153]
[Step L5]
If the authentication result of the authentication system (301) is normal, the authentication time (year / month / day / hour / minute / second) is acquired from the machine time. Next, the authentication system (301) creates authentication certificate data including the user ID and the time when authentication was performed. At the same time, the authentication system (301) encrypts the authentication certificate data and creates encrypted authentication certificate data.
Next, the authentication system (301) sends the authentication certificate data before encryption and the encrypted authentication certificate to the user authentication data holding system (501) using the encrypted authentication certificate as a key (FIG. 13. Authentication certificate). Document data 501-2). Then, the authentication system (301) activates the dynamic menu generation system (302) and delivers the user ID and the encrypted authentication certificate. Here, a one-way encryption algorithm that cannot be decrypted by a third party is used to encrypt the authentication certificate. For example, the digest function MD5 (defined in RFC1321) is used. Since the output result of MD5 is binary, the data encoded by BASE64 is used as encrypted authentication certificate data in order to make the network transparent.
[0154]
[Step L6]
The dynamic menu generation system (302) uses a user ID as a key to list a list of application programs that can be used by the user from the menu data holding system (502) (see FIG. 14. Application program list 502-1) and each application program. Is received (see FIG. 14, server list 502-2). The application program list (502-1) includes a user ID and an application program name. The server list (502-2) includes an application program name, a server terminal identification name, and a program file name.
[0155]
[Step L7]
The dynamic menu generation system (302) generates menu data by combining the authentication certificate data that has been converted into a cookie and the list of application programs that can be used by the user into a URI format. The dynamic menu generation system (302) sends the generated menu data to the user terminal (100) via the Web server (390).
[0156]
[Step L8]
When the user selects application A (310) from the menu screen, the web browser (101) connects to the selected application using the URI of application A (310). At this time, the user terminal (100) sends out the encrypted authentication certificate data received in step L7 as a cookie.
[0157]
[Step L9]
The application A (310) receives the authentication certificate data encrypted as a cookie via the Web server (390). The application A (310) stores the encrypted authentication certificate data as an argument and calls the authentication API (303). The authentication API (303) sends the encrypted authentication certificate data to the authentication system (310), and requests validity confirmation.
[0158]
[Step L10]
The authentication system (301) extracts the authentication certificate data from the authentication data holding system (501) using the encrypted authentication certificate data as a key. If the authentication time included in the authentication certificate data is older than the no-communication timeout time determined in advance with the current machine time as a base point, it is determined that the encrypted authentication certificate is invalid. The authentication system (301) determines that the re-encrypted authentication certificate data extracted from the data holding system (501) is valid if it matches the received encrypted authentication certificate data, and is invalid if it does not match To do. If the authentication result of the authentication system (301) is valid, the authentication system (301) updates the authentication certificate data by changing the authentication time of the authentication certificate to the current machine time. Next, the authentication system (301) encrypts new authentication certificate data. The authentication system (301) registers new authentication certificate data in the authentication data holding system (401) using the encrypted authentication certificate data as a key, and deletes the old authentication certificate data.
[0159]
[Step L11]
The authentication system (301) returns an authentication result to the application A (310) via the authentication API (303). If the authentication result of the authentication system (301) is valid, a user ID and new encrypted authentication certificate data are returned, and if invalid, a code meaning invalid is returned.
[0160]
[Step L12]
If the authentication result of the authentication system (301) is normal, the application A (310) starts an application level conversation (message) with the user terminal (100). At this time, whenever the application A (310) receives data from the user terminal (100) via the Web server (390), the encrypted authentication certificate data is always sent as a cookie. -Validity is confirmed by the procedure of Step L11. When transmitting HTML document data to the user terminal (100) via the Web server (390), the application A (310) transmits the new encrypted authentication certificate data returned in step L11 as a cookie.
[0161]
[Step L13]
In the middle of a series of application level conversations (messages: conversation request data, conversation return data) or at the end of application A (310), application A (310) uses user identification name and time as usage record data (503-2). The usage function, the usage amount of the application to be billed determined by each application program, etc. are sent to the billing system (503) via the billing API (304). The billing system (503) accumulates the received usage record data, periodically totals them, and stores each application usage unit price for each application stored in the authentication data holding system (501) (FIG. 15. Unit price master). 503-1), the application usage amount for each user application is integrated, and the amount of the usage fee is calculated to create a bill.
[0162]
(Embodiment 3)
Next, a method and system for providing an application service according to the third embodiment of the present invention will be described with reference to FIG.
FIG. 16 is a block diagram showing a configuration example of a system for providing an application service according to the third embodiment of the present invention.
The system of Embodiment 3 shown in FIG. 16 adds a monitoring system (agent (306), server (704)) to the system of Embodiment 1 of the present invention shown in FIG. 310, 410) incorporate a monitoring API (305). The authentication system (301), authentication data holding system (701), billing system (703), authentication API (303), and billing billing API (304) are not shown.
[0163]
Each of the plurality of application servers (300, 400,...) Is a monitoring system (agent) that periodically inquires the operation status to the monitoring API (305) incorporated in each of the application programs (310, 410,...). ) (303).
Also, the monitoring API (305) collects data on the load status and failure status of the application program.
The data server (500) further includes a monitoring system (server) (704) that accumulates operation status data of application programs collected by the monitoring system (agent) (303).
[0164]
First, a method for incorporating the monitoring API (305) into the application program will be described with reference to FIG.
FIG. 11 is a flowchart showing a method of incorporating the monitoring API (305) into the application program. A method for incorporating the monitoring API (305) into the application program will be described with reference to this flowchart.
[0165]
First, the processing flow of a general application program before installation will be described.
[Step J1]
The application program inputs an event such as data reception from the terminal.
[Step J2]
If the input event is the end event of the application program, the application program goes to step J4.
[Step J3]
The application program executes a business process corresponding to the input event. When finished, wait for the next event input.
[Step J4]
When the application program inputs a termination event, it performs termination processing.
[0166]
Next, a method for incorporating the monitoring API (305) into the application program will be described.
[Step K1]
The application program generates an instance of the monitoring API (305) as an initial process before step J1.
[Step K2]
The application program acquires the machine time immediately before step J3 and temporarily saves it as the processing start time.
[Step K3]
The application program acquires the machine time immediately after step J3, calculates the processing time by subtracting the processing start time of step K2, and passes the processing time to the monitoring API (305) as a response time.
If an error has occurred in the business process (step J3), an error code and an error message are passed to the monitoring API (305).
[0167]
First, the monitoring API (305) holds the passed response time in the response time data (305-1) for a specified n times (for example, n = 10: n is a natural number of 1 or more). That is, the monitoring API (305) stores the latest 10 response times (see response time data (305-1) in FIG. 19).
The monitoring API (305) stores, in the response time data (305-1), the response time passed every time the response time is passed as the latest response time 1. At the same time, the monitoring API (305) stores the response time of response time 1 as response time 2 in the response time data (305-1) and responds with the response time of response time 2 as response time 3. The response time stored in the time data (305-1),..., The response time that was the response time 9 was stored in the response time data (305-1) as the response time 10 (n), and the response that was the response time 10 The time is discarded from the response time data (305-1).
The monitoring API (305) calculates the average response time of response time 1, response time 2... Response time 10 (n) stored in the response time data (305-1) every time the response time is passed. Then, the average response time (current) is stored in the response time data (305-1).
Further, the monitoring API (305) stores the error code and the error message in the response time data (305-1) each time it is passed. The monitoring API (305) stores the name of the application program in which the monitoring API (305) is incorporated in the response time data (305-1).
In addition, when the monitoring API (305) receives monitoring request data from the monitoring system (agent) (305), the monitoring API (305) stores the average response time (current) stored in the response time data (305-1), an error code, and An error message is output to the monitoring system (agent) (305).
[0168]
[Step K4]
The application program deletes the instance of the monitoring API (305) as the termination process after step J4.
A program for executing steps K1 to K4 is referred to as a monitoring function program.
[0169]
Next, a method for providing an application service according to the embodiment of the present invention will be described with reference to FIGS.
[0170]
[Step M1]
The monitoring system (agent) (305) of the application server 1 (300) is activated, and the server list (502-2) (related to the application server 1 (300) from the menu data holding system (502) of the database server (500). 18) and an application performance list (306-1) (see FIG. 19) is generated as an internal table. That is, the monitoring system (agent) (305) extracts the server list (502-2) using the server terminal identification name of the application server 1 (300) as a key, and the average response time of the extracted server list (502-2) Is stored in the average response time (current) of the application performance list (306-1).
As shown in FIG. 18, the server list (502-2) includes, for example, an application program name, a server terminal identification name, a program name, an error status, and an average response time. As shown in FIG. 19, the application performance list (306-1) includes, for example, an application program name, an error code, an error message, an average response time (current), an average response time (previous), It consists of a response time 1 and a response time n.
[0171]
Next, the monitoring system (agent) (305) inquires of the monitoring status to the monitoring API (305) incorporated in each of the application programs stored in the application server 1 (300) periodically (for example, every 10 seconds). I do. That is, the monitoring system (agent) (305) periodically inputs monitoring request data to the monitoring API (305). On the other hand, the monitoring API (305) outputs the average response time (current) of the application program stored in the response time data (305-1) to the monitoring system (agent) (305).
On the other hand, the monitoring system (agent) (305) stores the average response time (current) of the application program in the application performance list (306-1). At the same time, the monitoring system (agent) (305) stores the average response time (previous) as the average response time (previous), and stores the average response time (previous) as the average response time (current). Discard.
[0172]
[Step M2]
Incidentally, when an error occurs in the application program, the monitoring API (305) passes an error code and an error message from the application program. In this case, since the monitoring API (305) outputs the average response time (current), the error code, and the error message to the monitoring system (agent) (305), the monitoring system (agent) (305) outputs the application performance data (504). -1) is created and stored in the data server (500) (see FIG. 20).
Further, when a serious error occurs in the application program, the application does not operate, and the monitoring API (305) also does not operate. Accordingly, even if the monitoring system (agent) (305) inputs monitoring request data to the monitoring API (305), the monitoring API (305) cannot output anything. Therefore, when the monitoring system (agent) (305) does not respond from the monitoring API continuously for a predetermined number of times (for example, four times), the monitoring system (agent) (305) does not respond to the monitoring API (305). ) It is determined that a failure that cannot be serviced has occurred in the application program.
In this case, the monitoring system (agent) (305) updates the time, error code, and error message of the application performance data (504-1) stored in the data server. At the same time, the monitoring system (agent) (305) stores the error status of the server list (502-2) of the menu data holding system (502) as service suspension.
[0173]
[Step M3]
Further, when the processing capacity of the application program is reduced or when the processing capacity of the application program is improved, the monitoring API (305) obtains a long average response time (current) or a short average response time (current) from the application program. Passed. Therefore, in order to reflect the status of the processing capacity of the application program, the monitoring system (agent) (305) compares the average response time (current) and average response time (previous) of the application performance list (306-1) each time. When the average response time (current) fluctuates more than a predetermined value more than the average response time (previous), the monitoring system (agent) (305) displays the server list (502) of the menu data holding system (502). -2) is stored as the average response time (current).
[0174]
[Step M4]
On the other hand, connection request data for the application program is transmitted / received from the user terminal (100) to any one of the plurality of application servers (300, 400,...), And the first embodiment (first embodiment) Steps C1 to C3) are executed.
[0175]
[Step M5]
The dynamic menu generation system (302) acquires the server list (502-2) from the menu data holding system (702). Next, the dynamic menu generation system (302) acquires an error status and an average response time from a plurality of server lists.
Next, the dynamic menu generation system (302) selects a server list in which the extracted error status is in service and the extracted average response time is the minimum.
Next, the dynamic menu generation system (302) acquires a program file name and a server terminal identification name related to the selected server list.
Next, the dynamic menu generation system (302) dynamically creates menu data including URI (Universal Resource Identifier) information based on the acquired program file name and server terminal identification name.
Here, as an example, the menu data is as shown in FIG. The URI (http: // application server 2 / application A.asp) is created based on the program file name (application A.asp) and the server terminal identification name (application server 2).
[0176]
[Step M6]
The dynamic menu generation system (301) sends out the HTML document file for the menu screen as shown in FIG. 17 to the user terminal from the creation of the URI list created in step M5.
[0177]
[Step M7]
When the user selects the application program A from the menu screen using the Web browser (101) of the user terminal (100), the user connects to the Web server (390) of the application server 2 (400) indicated by the selected URI.
[0178]
[Step M8]
On the other hand, the application program A (310) stored in the application server 2 (400) is started from the Web server (390) of the application server 2 (400) according to the URI connected by the user. Thereafter, the user terminal (100) has a conversation with the application program A (310) of the application server 2 (400).
[0179]
[Step M9]
Further, when the user selects the application program B from the menu screen in step M7, the user connects to the Web server (390) of the application server 1 (300) indicated by the selected URL.
[0180]
[Step M10]
When step M9 is executed instead of step M7, the application program B (320) on the application server 1 (300) is activated from the Web server (390) of the application server 1 (300) according to the URI connected by the user. Is done. Thereafter, the user terminal (100) has a conversation with the application program B (320) of the application server 1 (300).
[0181]
【The invention's effect】
According to the method and system for providing an application service of the present invention, each of a plurality of application servers compares the received authentication certificate data with the authentication certificate data stored in advance in the data server, and receives the authentication certificate data. The validity of the authentication certificate data can be confirmed. That is, each of the plurality of application servers can identify the same user. In other words, user management uniformity can be realized among a plurality of application servers. Thereby, there is an effect that the application program can be distributed to a plurality of application servers to prevent a decrease in the processing speed of the application program.
[0182]
In addition, since the usage record data is transmitted from each of the application servers to the data server, even if the usage fee of the contract is not linear with the user usage time (actual data), the usage record data is stored on the data server. It is possible to collect and perform billing processing to calculate the amount of usage fee. That is, there is an effect that it is possible to realize uniformity of billing management among a plurality of application servers.
Further, since the response time data of the application program is monitored, there is an effect that it is possible to surely prevent a decrease in the processing speed of the application program.
[Brief description of the drawings]
FIG. 1 is a block diagram illustrating a configuration example of a system that prepares to provide an application service according to a first embodiment;
FIG. 2 is a flowchart for explaining a method of preparing an application program according to the first embodiment.
FIG. 3 is a flowchart for explaining a user registration method using the application program according to the first embodiment;
FIG. 4 is an application information display screen according to the first embodiment.
FIG. 5 is a block diagram illustrating a configuration example of a system that provides an application service according to the first embodiment;
FIG. 6 is a flowchart when the application program of the application server 1 according to the first embodiment is used.
FIG. 7 is a flowchart when the application program of the application server 2 according to the first embodiment is used.
FIG. 8 is a flowchart of charging according to the first embodiment.
FIG. 9 is a flowchart illustrating a method for incorporating the authentication API according to the first embodiment into an application program.
FIG. 10 is a flowchart showing a method for incorporating the charging API according to the first embodiment into an application program;
FIG. 11 is a flowchart illustrating a method for incorporating the monitoring API according to the third embodiment into an application program.
FIG. 12 is a block diagram illustrating a configuration example of a system that provides application services according to the second embodiment;
FIG. 13 is an example of data held by the authentication data holding system according to the second embodiment.
14 is a data example 1 held by the menu data holding system according to the second embodiment. FIG.
FIG. 15 is an example of data held by the charging system according to the second embodiment.
FIG. 16 is a block diagram illustrating a configuration example of a system that provides application services according to the third embodiment;
FIG. 17 is a source example of a menu screen according to the third embodiment.
FIG. 18 is a second example of data held by the menu data holding system according to the third embodiment.
FIG. 19 is an example of data managed by the monitoring API and monitoring system (agent) according to the third embodiment.
FIG. 20 is an example of data managed by the monitoring system (server) according to the third embodiment.
[Explanation of symbols]
100 user terminal
101 Web browser
200 computer network
210 LAN
220 Public or private line
230 Auxiliary storage media
300, 400 Application server
301 Authentication system
302 Dynamic menu generation system
303 Authentication API
304 Billing API
305 Monitoring API
305-1 Response time data
306 Monitoring system (agent)
310, 320 Application program
390 Web server
500 data server
501 Authentication data retention system
501-1 Authentication data
501-2 Authentication certificate data
502 Menu data retention system
502-1 Application Program List
502-2 server list
503 billing system
503-1 Unit price master
503-2 Usage results data
504 Monitoring system (server)
504-1 Application performance data
700 Vendor terminal

Claims (6)

Periodically sending response time data of application programs stored in a plurality of application servers from each of the plurality of application servers to the data server;
Transmitting connection request data and user identification data for the application program from a user terminal to any one of the plurality of application servers;
When the user identification data and the user identification data stored in advance in the data server are compared and matched in any one of the application servers, the authentication certificate data authenticated in advance is stored in the data server, Each of the response time data is transmitted from the data server to any one of the application servers, and menu data for designating a fastest application server in which an application program having the shortest response time is stored among the response time data. Creating and transmitting the pre-authenticated authentication certificate data and the menu data from the any one application server to the user terminal;
Based on the menu data, the user terminal is connected to the fastest application server, and the conversation request data for one application program among the application programs stored in the fastest application server and the authentication certificate data authenticated in advance. preparative, a first step of transmitting from the user terminal to the fastest application server the one application program are stored,
When the authentication certificate data pre-authenticated and the authentication certificate data stored in advance in the data server are compared and matched in the fastest application server, conversation response data for the conversation request data by the one application program create a use record data, and the fastest application server has authenticated again with the authentication certificate data said the conversation reply data, a second step of transmitting from the fastest application server to the user terminal,
A third step of transmitting the usage record data to the data server from a billing API embedded in the one application program;
A method for providing an application service comprising: Conversation request data for the other application programs and the re-authentication authentication certificate data among the application programs stored in the plurality of application servers after the third step are sent from the user terminal to the other application. A fourth step of sending to another application server where the program is stored;
When the authentication certificate data re-authenticated and the authentication certificate data stored in advance are compared and matched in the other application server, the conversation response data and the usage record data for the conversation request data are A fifth step of transmitting the conversation response data and the authentication certificate data re-authenticated by the other application server from the other application server to the user terminal, created by another application program;
A sixth step of transmitting the usage record data to the data server from a billing API embedded in the other application program;
The method for providing an application service according to claim 1, comprising: 7. A seventh step of repeatedly executing the fourth step, the fifth step, and the sixth step one or more times after the third step or the sixth step. A method for providing an application service according to claim 1. The method includes the step of creating, in the data server, usage amount data based on usage history data received from the accounting API incorporated in the one application program and / or the accounting API incorporated in the other application program. A method for providing an application service according to any one of claims 1 to 3. The second step and / or the fifth step include
When the authentication certificate data and the pre-stored authentication certificate data are compared and matched, the pre-stored authentication certificate data is replaced with the fastest application server and / or the new authentication certificate data. Changing in another application server and storing the new authentication certificate data in the data server,
The method for providing an application service according to any one of claims 1 to 4 , wherein the re-authenticated authentication certificate data is transmitted as the new authentication certificate data. The authentication certificate data according to the first step is encrypted authentication certificate data encrypted in advance;
In the second step and / or the fifth step, the authentication certificate data authenticated in advance is encrypted in the fastest application server and / or the other application server to generate encrypted authentication certificate data. And storing the encrypted authentication certificate data in the data server,
As the authentication certificate data to which the authenticated again, a method for providing application services as claimed in any one of claim 5, wherein the transmitting the encrypted been authenticated certificate data.

Images