JP5067396B2 - Access control device - Google Patents

Description

  The present invention relates to an access control apparatus that controls access to a server via a network.

  In a Web server that accepts access from a large number of people via the Internet, a short-term and concentrated access state (burst traffic) may occur. In some cases, burst traffic is caused by an unauthorized person who has caused a large amount of access by unauthorized means.

  When burst traffic occurs, the processing load on the Web server increases greatly, and the system may be stopped, and communication with a client that should normally maintain communication becomes difficult.

  In the past, there was a limit on the number of accesses, and when the number of accesses for each client exceeded the maximum number of times, the client's access was blocked to deal with clients that seemed to be accessing by unauthorized procedures. It was.

  In addition, in order to effectively respond to inquiries from each customer, a process of acquiring customer identification information and a Web screen transition pattern and presuming contents corresponding to the customer based on the screen transition pattern is provided. Are known.

JP 2007-102584 A

  When burst traffic occurs in a Web server that accepts access from a large number of clients, there are a mix of access that must be accepted, access that may be temporarily suspended, access that is illegal and unauthorized, and that should be blocked. ing. Therefore, it is necessary to examine what kind of client the access is from among a large number of accesses, and to preferentially process the access of important clients that should be accepted.

  Since the Web system originally performs a process of returning static content (screen) in response to a request, it does not process the request from the client with a priority. However, before the influence of burst traffic is exerted on the Web server, it is necessary to perform access control so that access to the Web server can be restricted. That is, it is necessary to specify the access to be preferentially processed using only the access information transmitted from the client without referring to the information (user information, authentication information, etc.) about the client managed by the server or the like.

  The purpose of the device disclosed in this application is to determine the status of a client in the site of the Web server based on the access information to the Web server, and to preferentially process access based on the determination result. It is to realize access control capable of distinguishing access that may be suspended or discarded.

  An apparatus disclosed in the present application receives an access request to a Web server of a client, and an access destination Web page (address information) issued by a client terminal is included in a site provided by the Web server ( The client information is classified based on the combination of the identification information of the screen) and the identification information of the Web page (screen) that issued the request. When an access request from a client is received during access control, it is determined whether to relay the received access request preferentially to the Web server based on the classification of the requested client.

  The outline of a typical access control device disclosed in the present application will be briefly described as follows. In other words, the disclosed access control device is a device that relays communication between the Web server and the client terminal, and sets content transitions for determining the priority state of the client when controlling access to the Web server. A determination information storage unit that holds the determination information, a client status information storage unit that records the client status, and an access request sent to the Web server sent by the client, and the received access request is analyzed and analyzed As a result, the identification information of the content accessed at the time of issuing this access request, the identification information of the content to be accessed by this access request, and the information for identifying the client that is the request source of this access request are obtained. Extracted and extracted The content management unit that sets the priority status in association with the requesting client when the order of the identification information of the content matches the content transition of the judgment information, and the access request issued by the client associated with the priority status Information indicating the request source of the received access request in the relay processing of the access request from the client to the Web server, and the client management unit that records the client status information that registers the information indicating the request source in the client status information storage unit , A communication control unit that requests access control to block or temporarily hold a received access request when it does not match the information indicating the client request source associated with the priority status recorded in the client status information storage unit With.

  According to the above-described apparatus, when performing access control in the relay process of the access request to the Web server, only the access request to be transmitted with priority can be transmitted to the Web server. Can be mitigated and the system stoppage of the Web server can be prevented.

It is a figure which shows the structural example of the access control apparatus 1 in one Example of this invention. It is a figure which shows the example of content information. It is a figure which shows the example of determination information. It is a figure which shows the example of client status information. It is a figure which shows the example of the client number management information according to a state. It is a figure which shows the example of the transition of the screen displayed on a client terminal, and the state of a client in regular access. It is a figure which shows the example of the transition of the screen displayed on a client terminal, and the state of a client when access control is performed. It is a figure which shows the example of the transition of the screen displayed on a client terminal, and the state of a client in the case of unauthorized access. It is a figure which shows the flow of a process of an access control apparatus (the 1). It is a figure which shows the flow of a process of an access control apparatus (the 2).

  FIG. 1 is a diagram illustrating a configuration example of an access control apparatus 1 according to an embodiment of the present invention.

  The access control device 1 functions as a proxy (proxy device) between the Web server 2 and the control display server 3 and relays communication between the Web server 2 or the control display server 3 and the client terminal 4. The access control device 1 controls access to the Web server 2 for an access request from the client terminal 4 when the number of accesses exceeds a certain level or when an instruction from the administrator is given.

  The Web server 2 is a device that provides a predetermined application through predetermined content (screen group), and predetermined information is provided through each screen and processing is executed.

  For example, a Web server that performs an application including a series of processing procedures, such as a Web server that provides a shopping service, often has a mechanism in which information and processing necessary for business are provided through each screen of the site.

  Therefore, the Web server 2 can estimate the processing performed by the client from the order of the screen accessed by the client, and identify the client that should preferentially process the next access based on the estimated processing. Can do.

  In the present embodiment, the Web server 2 provides a shopping service, and screen A (screen for performing login processing), screen B (screen for selecting a purchased product), screen C (screen indicating completion / logout), screen D (Site Portal Screen), Screen E (Screen for Payment), Screen F (Screen for Notifying Information), Screen X, Y (Screen for Management Work) shall be provided.

  The control display server 3 returns predetermined content to the client terminal 4 switched by the access control device 1 when the access control device 1 is executing access control.

  The client terminal 4 is a terminal used by a person who accesses the Web server 2, and issues a content access request to the Web server 2, displays the acquired content, and performs a predetermined operation. Have

  The access control device 1 includes a content information storage unit 11, a determination information storage unit 12, a client status information storage unit 13, a communication relay unit 14, a communication control unit 15, a content management unit 16, and a client management unit 17.

  The content information storage unit 11 stores content information registered with the type of content provided by the Web server 2 and identification information (Uniform Resource Identifier: URI) classified for each type.

  FIG. 2 is a diagram illustrating an example of content information.

  The content information includes identification information of content (screen) to be classified for each type. In this embodiment, four types of “normal request, key content (in), key content (out), and management content” are set as types.

  In the “normal request”, a screen accessible by a normal request from the client terminal 4 is registered. “Key content (in)” includes a screen in which the status of the requested client terminal 4 is set to “priority status” when a screen group classified as a normal request is accessed as a next access destination. Is set.

  When “key content (out)” is requested as the next access destination in the next access state from the screen group classified as key content (in), the state of the requested client terminal 4 is “normal state”. "Is set. “Managed content” is set with a screen group accessible only to the administrator.

  In the content information shown in FIG. 2, screen A, screen D, etc. are “normal request”, screen B, screen E, etc. are “key content (in)”, and screen C, screen F, etc. are “key content (out)”. ", Screen X, screen Y, etc. are classified as" management content ".

  The determination information storage unit 12 stores determination information in which a condition for determining the state of the client terminal 4 is set based on transition between screens (content transition).

  FIG. 3 is a diagram illustrating an example of determination information.

  In the determination information, “from”, which is extracted from the access request issued by the client terminal 4 and indicates the type in which the screen accessed when issuing the request is classified, and the type in which the screen to be accessed is classified The above four states are set based on the combination with “to” indicating. Here, “normal state, priority state, invalid state, and administrator (status)” is set as the status.

  “Normal state” indicates a status in which, during access control, an access request whose access destination is switched to the control display server 3 is relayed or an accepted access request is temporarily suspended. The “priority state” indicates a status of relaying the access request of the client terminal 4 as it is during access control. “Illegal state” indicates a status of blocking an access request. “Administrator status” indicates a status handled as an access request from the administrator terminal.

  Then, the “state” at the intersection between the row (from) and the column (to) of the determination information that matches the transition from “from” to “to” extracted from the address request is set as the determination result.

  The client status information storage unit 13 stores client status information indicating the access status of the client terminal 4.

  FIG. 4 is a diagram illustrating an example of client status information.

  In the client status information, access information (IP address, port number, header information, etc.) extracted from the access request is recorded and recorded as identification information of the client terminal 4 received by the communication relay unit 14 of the access control device 1. For each client terminal 4, the state (normal state / priority state / unauthorized state / manager (state)) determined by the content management unit 16 is set.

  The communication relay unit 14 performs communication relay processing between the client terminal 4 and the Web server 2 or the control display server 3. The communication relay unit 14 generates and holds TCP session information and manages relay processing.

  The communication control unit 15 refers to the access request received from the client terminal 4 by the communication relay unit 14, analyzes the access information (request, IP address, port number, etc. of the client terminal 4), and manages the analysis information as content management Pass to part 16.

  Upon receiving the access control request from the client management unit 17, the communication control unit 15 requests the communication relay unit 14 to control a predetermined communication relay process as an access control request.

  For example, the communication control unit 15 requests access control and switches the access destination of the access request of the client terminal 4 in the “normal state” to the control display server 3 for relaying. Alternatively, the communication control unit 15 requests access control together with a request for relaying the access request of the client terminal 4 in the “normal state” after temporarily holding it. Alternatively, the communication control unit 15 requests control for performing block processing on the access request of the client terminal 4 classified as “illegal state”.

  The content management unit 16 receives the analysis information of the access request transmitted from the client terminal 4 from the communication control unit 15, and from this analysis information, the identification information (from) of the screen accessed when the access request is issued, the access The identification information (to) of the screen to be extracted is extracted.

  Then, the content management unit 16 identifies each type from the extracted identification information of the two screens based on the content information. Furthermore, the content management unit 16 specifies a state that matches the combination of the “from” type and the “to” type from the determination information.

  For example, when the screen A is extracted as the accessing screen (from) and the screen B is extracted as the accessing screen (to) from the analysis information of the access request, the “from: normal request” is obtained from each type. ”And“ to: key content (in) ”are obtained, and the“ priority state ”is determined.

  In addition, when the first access request to the Web server 2 includes screen identification information that is not classified as “normal request”, the content management unit 16 immediately “unauthorized” the client terminal 4 that transmitted the access request. The state may be determined.

  The client management unit 17 receives the determination result of the content management unit 16 and information (IP address, port number, header information, etc.) of request source included in the access request, which is information for specifying the client terminal 4 , The determined state is associated and recorded in the client state information storage unit 13.

  Further, the client management unit 17 sets “maximum value” indicating the upper limit of the number of accesses for each state as the client number management information by state, and records the number of accesses currently accepted by the access control device 1. . Then, the client management unit 17 requests access control to the communication control unit 15 when the “current” count number in any of the states of the client number management information by state exceeds the “maximum value”, and accesses The communication control unit 15 is notified of the “state” to be controlled.

  FIG. 5 is a diagram illustrating an example of state-specific client number management information.

  In the number-of-states client number management information in FIG. 5, “maximum value” of the access number in “priority state” = 200 and “maximum value” of the access number in “administrator state” = 2 are set.

  As an example, when the number of accesses in the “priority state” exceeds the maximum value, the client management unit 17 sends a request for access control and information on the request source of the client terminal 4 in the “normal state” to the communication control unit 15. Notify

  The communication control unit 15 requests access control from the communication relay unit 14 based on the information received from the client management unit 17. In this case, based on the request source information of the client terminal 4 in the “normal state”, access control is performed by rewriting one of the corresponding client terminals 4 to the control display server 3 in the TCP session information. , Request to the communication relay unit 14. Thereby, since only the access request of the client terminal 4 whose communication relay unit 14 is in the “priority state” is transferred to the Web server 2, the access concentration to the Web server 2 is alleviated.

  Alternatively, the communication control unit 15 requests access control so that the session of the corresponding client terminal 4 is held for a predetermined time based on the information of the request source of the client terminal 4 in the “normal state”. Then, the communication relay unit 14 preferentially transfers the access request of the client terminal 4 in the “priority state”.

  As described above, the status of the requesting client based on the order of the contents extracted from the access request to the Web server received in the relay process, that is, the identification information of the accessed screen and the identification information of the screen to be accessed. Is specified as “priority state”. For example, when access control starts when the number of accesses exceeds a certain number or the administrator instructs, the client identified from the request source of the access request Only the access request of the client terminal 4 in the “state” can be transmitted to the Web server, and the access concentration of the Web server 2 can be eased.

  As another example, when the number of accesses in the “invalid state” is detected, the client management unit 17 sends an access control request and information on the request source of the client terminal 4 in the “invalid state” to the communication control unit 15. Notify

  The communication control unit 15 requests access control from the communication relay unit 14 based on the information received from the client management unit 17. In this case, the communication relay unit 14 is requested to perform access control that blocks the access request of the corresponding client terminal 4 based on the request source information of the client terminal 4 in the “illegal state”. Thereby, since the communication relay part 14 blocks the access request of the client terminal 4 of an "invalid state", it can protect the Web server 2 from unauthorized access.

  The relationship between the transition of the screen of the Web server 2 displayed on the client terminal 4 and the state of the client terminal 4 of the access control device 1 will be outlined below.

  6 to 8 are diagrams for explaining the relationship between the transition of the screen of the Web server 2 displayed on the client terminal 4 and the state of the client terminal 4 of the access control apparatus 1.

[Process in regular access procedure]
The relationship between the transition of the screen and the state of the client terminal 4 in the regular access procedure will be described with reference to FIG.

(1) Request for Top Screen When there is an access request from the client terminal 4 to the Web server 2, the access control device 1 receives this request and performs the following processing.

  As a known process, the communication relay unit 14 generates and holds TCP session information (IP address, port number, header information, etc.) for managing access request communication. Furthermore, the communication relay unit 14 transmits an access request to the Web server 2 if the access is not being controlled. A portal screen (screen D) returned from the Web server 2 via the access control device 1 is displayed on the browser 5 of the client terminal 4.

  The communication control unit 15 analyzes the information of the access request held by the communication relay unit 14, request source information for identifying the request source client terminal 4, and identification information of the screen accessed when the request is issued (from: none) ), The identification information (to: URI of the screen D) of the screen to be accessed is acquired and passed to the content management unit 16.

  The content management unit 16 refers to the content information in the content information storage unit 11 and identifies the type of screen from “from” and “to”. Here, “from (none)” and “to (screen D)” are respectively identified as “normal requests”.

  Furthermore, the content management unit 16 refers to the determination information in the determination information storage unit 12 and determines the state of the client terminal 4 based on the identified content type (from: normal request, to: normal request). . Here, it is determined as “normal state”.

  Next, the client management unit 17 stores the request source information of the requested client terminal 4 from the communication control unit 15 and the content management unit 16 in the client status information of the client status information storage unit 13. , 1 is added to the value of “current state” of the corresponding state (normal state) of the client count management information by state.

(2) Login screen request from the top screen When an access request to the login screen (screen A) is transmitted from the client terminal 4, the access control apparatus 1 receives this request.

  Since the communication relay unit 14 is not under access control, the login screen (screen A) is displayed on the browser 5 of the client terminal 4 in order to transmit the received access request to the Web server 2 as it is.

  The communication control unit 15, the content management unit 16, and the client management unit 17 of the access control device 1 perform processing in substantially the same manner as the processing (1).

  The communication control unit 15 includes request source information for identifying the request source client terminal 4, identification information of the screen accessed when the request is issued (from: URI of screen D), and identification information of the access destination screen (to: screen A URI) is acquired and passed to the content management unit 16.

  The content management unit 16 refers to the content information in the content information storage unit 11 and identifies the type of screen from “from” and “to”. Here, “from (screen D)” and “to (screen A)” are specified as “normal requests”, respectively.

  Furthermore, the content management unit 16 refers to the determination information in the determination information storage unit 12 and determines the state of the client terminal 4 based on the identified content type (from: normal request, to: normal request). . Here, it is determined as “as is (normal state)”.

  Next, since the determined state is “as it is (normal state)”, the client management unit 17 does not perform processing.

(3) Request for product selection screen from login screen An access request to the product selection screen (screen B) is transmitted from the client terminal 4, and the access control apparatus 1 receives this request.

  Since the communication relay unit 14 is not under access control from the communication control unit 15, the received access request is transmitted to the Web server 2, and a product selection screen (screen B) is displayed on the browser 5 of the client terminal 4. .

  The communication control unit 15, the content management unit 16, and the client management unit 17 of the access control device 1 perform the same process as the process (2).

  The communication control unit 15 includes request source information for identifying the request source client terminal 4, identification information of the screen accessed when the request is issued (from: URI of screen A), and identification information of the access destination screen (to: screen B URI) is acquired and passed to the content management unit 16.

  The content management unit 16 refers to the content information in the content information storage unit 11 and identifies the type of screen from “from” and “to”. Here, “from (screen A)” and “to (screen B)” are specified as “normal request” and “key content (in)”.

  Furthermore, the content management unit 16 refers to the determination information stored in the determination information storage unit 12 to determine the state of the client terminal 4 based on the identified content type (from: normal request, to: key content (in)). , “Priority state” is determined.

  Since the determined state has been changed, the client management unit 17 updates the state of the client terminal 4 corresponding to the client state information to “priority state”, and further, the “priority state” of the client count management information by state. “Current state” is incremented by 1, and “current state” of “normal state” is decremented by 1.

  Here, if the current number of accesses in the priority state exceeds the “maximum value”, the client management unit 17 records the access control request and the client state information 4 in the “normal state” client terminal 4. To the communication control unit 15.

  The communication control unit 15 requests the communication relay unit 14 to perform access control by rewriting the access destination of the access request of the “normal state” client terminal 4 to the control display server 3. When receiving this request, the communication relay unit 14 rewrites the TCP session information of the corresponding client terminal 4 and starts access control.

(4) Request for Payment Screen from Product Selection Screen An access request to the payment screen (screen E) is transmitted from the client terminal 4, and the access control device 1 receives this request.

  Here, the communication relay unit 14 is under access control, but if the client terminal 4 is not in the “normal state”, the communication relay unit 14 transmits the received access request to the Web server 2 and sends a settlement screen (screen E) to the client terminal 4. Is displayed.

  The communication control unit 15 includes request source information for identifying the request source client terminal 4, identification information of the screen accessed when the request is issued (from: URI of screen B), and identification information of the access destination screen (to: screen E URI) is acquired and passed to the content management unit 16.

  The content management unit 16 refers to the content information in the content information storage unit 11 and identifies the type of screen from “from” and “to”. Here, “from (screen B)” and “to (screen E)” are each identified as “key content (in)”.

  Further, the content management unit 16 refers to the determination information stored in the determination information storage unit 12 and determines the type of content specified (from: key content (in), to: key content (in). Is determined as “as is (priority state)”.

  Since the determined state is “as it is (priority state)”, the client management unit 17 does not perform processing.

(5) Request for completion / logout screen from settlement screen An access request to the completion / logout screen (screen C) is transmitted from the client terminal 4, and the access control apparatus 1 receives this request.

  Note that the communication relay unit 14 is performing access control from the communication control unit 15, but if the client terminal 4 is not in the “normal state”, the communication relay unit 14 transmits the received access request to the Web server 2 to complete / A logout screen (screen C) is displayed.

  The communication control unit 15 of the access control device 1 requests the request source information for identifying the client terminal 4 of the request source, the identification information of the screen accessed when the request is issued (from: URI of the screen E), and the identification of the access destination screen Information (to: URI of screen C) is acquired and passed to the content management unit 16.

  The content management unit 16 refers to the content information in the content information storage unit 11 and identifies the type of screen from “from” and “to”. Here, “from (screen E)” and “to (screen C)” are specified as “key content (in)” and “key content (out)”.

  The content management unit 16 refers to the determination information in the determination information storage unit 12 and determines the state of the client terminal 4 based on the identified content type (from: key content (in), to: key content (out)). Is determined to be “normal state”.

  Since the determined state has been changed, the client management unit 17 updates the state of the client terminal 4 corresponding to the client state information to “normal state”, and further sets the “normal state” of the client count management information by state. "Current status" is incremented by 1, and "Current status" of "Priority status" is decremented by 1.

  Here, when the “current state” of the “priority state” does not exceed the “maximum value”, the client management unit 17 requests the communication control unit 15 to stop access control. When the communication control unit 15 requests the communication relay unit 14 to stop access control, the communication relay unit 14 stops access control and returns to normal relay processing.

[Process when access control is executed]
The relationship between the screen transition and the state of the client terminal 4 when access control is executed will be described with reference to FIG.

(1) Request for Top Screen When an access request from the client terminal 4 to the Web server 2 is transmitted, the access control apparatus 1 receives this request and receives the (1 in the process of the regular access procedure). The same processing as that described in (1) is performed.

  Therefore, “normal state” is set as the state of the client terminal 4 in the client state information.

(2) Login Screen Request An access request to the login screen (screen A) is transmitted from the client terminal 4, and the access control device 1 receives this request.

  When access control is being performed, the communication relay unit 14 rewrites the access destination of this access request to the control display server 3 based on the TCP session information rewritten by the request of the communication control unit 15, and rewrites the rewritten access request. It transmits to the control display server 3.

  Therefore, instead of the login screen (screen A), the browser 5 of the client terminal 4 displays a message screen “Congested. Please wait” returned by the control display server 3.

[Process when unauthorized access is executed]
The relationship between the screen transition and the state of the client terminal 4 when unauthorized access is executed will be described with reference to FIG.

(1) Payment screen request When an access request to the payment screen (screen E) of the Web server 2 is transmitted from the client terminal 4 intended for unauthorized access, the access control device 1 receives this request, The process similar to the process described in (1) of [Process in regular access procedure] is performed.

  The communication control unit 15 analyzes the information of the access request held by the communication relay unit 14, request source information for identifying the request source client terminal 4, and identification information of the screen accessed when the request is issued (from: none) ), Identification information (to: URI of screen E) of the screen to be accessed is acquired and passed to the content management unit 16.

  Since the identification information (to: URI of screen E) of the access destination screen is something other than the “normal request” screen, the content management unit 16 determines that this client terminal 4 is “illegal state”.

  Then, the client management unit 17 sets the client status information, and counts up the “current status” of the “illegal status” in the client count management information by status.

  In addition, the client management unit 17 immediately notifies the communication control unit 15 of the access control request and the request source of the client terminal 4 in the “illegal state”.

  The communication control unit 15 requests the communication relay unit 14 to rewrite the TCP session information and requests control to block the access request of the client terminal 4 in the “illegal state”.

  Even if the communication relay unit 14 receives an access block control request from the communication control unit 15 and receives an access request from the client terminal 4, the communication relay unit 14 blocks communication by discarding the access request. The client terminal 4 cannot access the Web server 2.

  Note that the initial access request (screen E) of the client terminal 4 for unauthorized access is relayed to the Web server 2, but the Web server 2 does not perform login authentication on the login screen (screen A). Deny access to. Therefore, in practice, the payment screen (screen D) is not displayed on the browser of the client terminal 4. When an access request is transmitted again from the same client terminal 4 to the Web server 2, the access control device 1 blocks the access request, and therefore processing related to processing such as authentication and rejection notification in the Web server 2 The burden will be reduced.

  FIG. 9 and FIG. 10 are diagrams showing the flow of processing of the access control device 1.

  The communication relay unit 14 of the access control device 1 receives the TCP / IP communication from the client terminal 4 and creates and holds TCP session information related to the received communication (step S10).

  The communication relay unit 14 extracts TCP / IP header information and request information from the TCP session information (step S11), and determines whether the IP address (IP), port number (Port), or header information (header) is invalid. Is determined (step S12).

  If the extracted information is an illegal IP address, port number, or header information (YES in step S12), the communication relay unit 14 deletes the TCP session information (step S13).

  On the other hand, if the extracted information is not an illegal IP address or the like (NO in step S12), the communication control unit 15 determines information (IP address, port number, header) related to communication of the accessed client terminal 4 from the TCP session information. Information), analyzing the acquired information, request source identification information (IP address, port number, header information, etc. of the accessed client terminal 4), identification information of the content that issued the request (from URI), The identification information (toURI) of the access destination content is extracted (step S14).

  The content management unit 16 specifies the type of content based on the content identification information (fromURI) and the content identification information (toURI) (step S15). Further, the content management unit 16 refers to the determination information and determines the state of the client terminal 4 from the identified content type (step S16).

  The client management unit 17 obtains the determination result of the content management unit 16, and updates the client status information and the client count management information by status (step S17).

  When the content management unit 16 determines that the state of the client terminal 4 is “illegal state” (YES in step S18), the client management unit 17 requests access control to the communication control unit 15, and “ The request source identification information (IP address, port number, header, etc.) of the client terminal 4 in the “illegal state” is notified (step S19).

  The communication control unit 15 requests the communication relay unit 14 to control to block the access request from the client terminal 4 by rewriting the TCP session information of the client terminal 4 corresponding to the notified request source identification information (Step S1). S20).

  When the state of the client terminal 4 is not determined to be “illegal state” (NO in step S18), the client management unit 17 further sets the “current state” value of the “priority state” in the client number management information by state. It is determined whether or not the “maximum value” is exceeded (step S21). When the “current state” value of the “priority state” exceeds the “maximum value” (YES in step S21), the client management unit 17 requests access control to the communication control unit 15, and “normal” Request source identification information (IP address, port number, header, etc.) of the client terminal 4 determined as “state” is notified (step S22).

  The communication control unit 15 requests the communication relay unit 14 to change the access destination of the access request from the client terminal by rewriting the TCP session information of the client terminal 4 corresponding to the notified request source identification information. (Step S23).

  On the other hand, if the “current state” of the “priority state” does not exceed the “maximum value” (NO in step S21), the process ends.

  As shown in the present embodiment, when the access control device 1 is applied to a proxy device of a Web server at an e-commerce site, the following effects can be obtained.

  (1) Even if the access to the Web server 2 is concentrated, the access control device 1 relays only the access from the client terminal 4 that is preferentially handled to the Web server 2, so that the access concentration is immediately relaxed and the Web The system stop of the server 2 can be prevented.

  Therefore, since the client terminal 4 of the important customer is preferentially maintained in communication with the Web server 2, the procedure at the Web server 2 can be completed.

  (2) Since the access control apparatus 1 relays only access from the client terminal 4 that is handled preferentially to the Web server 2 when the access limit is approached due to concentration of access to the Web server 2, the Web By controlling the number of accesses according to the processing capability of the server 2, it is possible to maintain a response processing capability for important clients at a certain level, and to realize a response that does not reduce customer satisfaction.

  (3) When the Web server 2 is accessed by access by an unauthorized means performed by the unauthorized client terminal 4, the access control device 1 determines that the access from the client terminal 4 is “illegal state”, and Since access to the Web server 2 is immediately blocked, an attack caused by access to the Web server 2 can be prevented. Therefore, it is possible to realize a security measure for a commercial site that must allow access from an unspecified number of clients.

  For example, when the Web server 2 is a server providing a shopping service, a client (upper customer) who has already selected a purchased product on the product selection screen and has proceeded to the payment screen, and selects a product simply by logging in on the login screen It is thought that the access of the client (customer) who has not progressed to the screen and the client (illegal person) who is trying to browse the screen in the site by unauthorized means is mixed. In such a situation, if the system stops due to burst traffic on the Web server 2 and communication with the upper customer who is trying to process payment is interrupted, the procedure processing of the upper customer cannot be completed and an error occurs. This may be the cause of the purchase or the purchase itself may be canceled.

  The access control apparatus 1 can preferentially maintain communication between the customer and the Web server 2 as described above, and can prevent loss of transaction opportunities that may occur due to burst traffic.

  Moreover, although the access control apparatus 1 disclosed in the above embodiment has been described as a proxy apparatus including the communication relay unit 14 that relays communication between the Web server 2 and the client terminal 4, the access control apparatus 1 performs communication. It can be implemented as a communication relay device for relaying or a device incorporated in a load distribution device. In this case, the access control device 1 does not need to include the communication relay unit 14, and the function of the communication relay unit 14 is realized by the communication relay function of the communication relay device, the load distribution device, or the like.

  Further, the disclosed access control device 1 is configured so that each process of the communication relay unit 14, the communication control unit 15, the content management unit 16, and the client management unit 17 included in the access control device 1 is performed by reading and executing a program by a computer. It can be constructed by realizing the part.

  This program can be stored in an appropriate recording medium such as a portable medium memory, a semiconductor memory, or a hard disk, which can be read by a computer, and is provided by being recorded on these recording media. Alternatively, this program is provided by transmission and reception using various communication networks via a communication interface.

  The following supplementary notes are further disclosed with respect to the embodiment including the above examples.

(Supplementary Note 1) The disclosed access control device is a device that relays communication between a Web server and a client terminal,
A determination information storage unit that holds determination information that sets content transition for determining the priority state of the client at the time of controlling access to the Web server;
A client status information storage unit for recording the client status;
Upon receiving the access request to the Web server transmitted by the client, the received access request is analyzed, and based on the result of the analysis, the identification information of the content accessed at the time of issuing the access request and the access request When the identification information of the content to be accessed and the information for identifying the client that is the request source of the access request are extracted, and the order of the extracted content identification information matches the content transition of the determination information A content management unit that sets a priority state in association with the request source client;
A client management unit that records in the client state information storage unit client state information for registering information indicating a request source of an access request issued by a client associated with the priority state;
In the relay process of the access request from the client to the Web server, the information indicating the request source of the received access request indicates the client request source associated with the priority status recorded in the client status information storage unit An access control device comprising: a communication control unit that requests access control to block or temporarily hold a received access request when the information does not match.

(Supplementary Note 2) The communication control unit requests the access control to the Web server when the total number of clients associated with the priority state exceeds a predetermined number based on the client state information. The access control apparatus as set forth in appendix 1, wherein:

(Additional remark 3) The said determination information storage part hold | maintains the determination information which set the content transition for determining the unauthorized state of the client in the access control to the said web server,
The content management unit extracts the identification information of the content to be accessed by the access request and the information for specifying the client that is the request source of the access request, and the order of the extracted content identification information is If it matches the content transition for determining the invalid state of the determination information, the invalid state is set in association with the client that is the request source,
The client management unit records, in the client status information storage unit, client status information for registering information indicating a request source of an access request issued by a client associated with an illegal status by the content management unit,
In the relay process of the access request from the client to the Web server, the communication control unit is a client in which information indicating the request source of the received access request is associated with the unauthorized state recorded in the client state information storage unit The access control apparatus according to claim 1 or 2, wherein the access control device requests access control for blocking the received access request when the information matches the information indicating the request source.

(Supplementary Note 4) The determination information storage unit classifies the content of the Web server into a predetermined type, and holds information that sets a transition between the content types as the determination information,
The content management unit determines whether the order of content types corresponding to the order of the acquired address information matches a transition between content types of the determination information. The access control device according to any one of claims 3 to 4.

(Supplementary Note 5) A control method executed by a device that relays communication between a Web server and a client terminal,
A process of receiving an access request to the web server sent by the client and analyzing the received access request;
From the result of the analysis, the identification information of the content accessed at the time of issuing the access request, the identification information of the content to be accessed by the access request, and the client that is the request source of the access request A process of extracting information;
A process of accessing the determination information storage unit holding the determination information in which the content transition for determining the priority state of the client at the time of controlling access to the Web server is held, and acquiring the determination information;
A process of setting a priority state in association with the client that is the request source when an order of identification information of the extracted content matches a content transition of the determination information;
A process of recording in the client status information storage unit client status information for registering information indicating a request source of an access request issued by a client associated with the priority status;
In the relay process of the access request from the client to the Web server, the information indicating the request source of the received access request indicates the client request source associated with the priority status recorded in the client status information storage unit An access control method comprising: a process for requesting access control to block or temporarily hold a received access request when it does not match information.

(Supplementary note 6) In a device that relays communication between a Web server and a client terminal,
A process of receiving an access request to the web server sent by the client and analyzing the received access request;
From the result of the analysis, the identification information of the content accessed at the time of issuing the access request, the identification information of the content to be accessed by the access request, and the client that is the request source of the access request Processing to extract information;
A process of accessing a determination information storage unit holding determination information in which content transition for determining a priority state of a client at the time of controlling access to the Web server is held, and acquiring the determination information;
A process of setting a priority state in association with the client that is the request source when the order of the identification information of the extracted content matches the content transition of the determination information;
A process of recording client status information for registering information indicating a request source of an access request issued by a client associated with the priority status in a client status information storage unit;
In the relay process of the access request from the client to the Web server, the information indicating the request source of the received access request indicates the client request source associated with the priority status recorded in the client status information storage unit An access control program for executing processing that requests access control that blocks or temporarily holds a received access request when the information does not match.

DESCRIPTION OF SYMBOLS 1 Access control apparatus 11 Content information storage part 12 Judgment information storage part 13 Client state information storage part 14 Communication relay part 15 Communication control part 16 Content management part 17 Client management part 2 Web server 3 Control display server 4 Client terminal 5 Browser 6 the Internet

Claims (4)

A device that relays communication between a Web server and a client terminal,
A determination information storage unit that holds determination information that sets content transition for determining the priority state of the client at the time of controlling access to the Web server;
A client status information storage unit for recording the client status;
Upon receiving the access request to the Web server transmitted by the client, the received access request is analyzed, and based on the result of the analysis, the identification information of the content accessed at the time of issuing the access request and the access request When the identification information of the content to be accessed and the information for identifying the client that is the request source of the access request are extracted, and the order of the extracted content identification information matches the content transition of the determination information A content management unit that sets a priority state in association with the request source client;
A client management unit that records in the client state information storage unit client state information for registering information indicating a request source of an access request issued by a client associated with the priority state;
In the relay process of the access request from the client to the Web server, the information indicating the request source of the received access request indicates the client request source associated with the priority status recorded in the client status information storage unit An access control device comprising: a communication control unit that requests access control to block or temporarily hold a received access request when the information does not match. The communication control unit requests the access control to the Web server when the total number of clients associated with the priority state exceeds a predetermined number based on the client state information. The access control apparatus according to claim 1. The determination information storage unit holds determination information in which content transition for determining an unauthorized state of a client in access control to the Web server is set,
The content management unit extracts the identification information of the content to be accessed by the access request and the information for specifying the client that is the request source of the access request, and the order of the extracted content identification information is If it matches the content transition for determining the invalid state of the determination information, the invalid state is set in association with the client that is the request source,
The client management unit records, in the client status information storage unit, client status information for registering information indicating a request source of an access request issued by a client associated with an illegal status by the content management unit,
In the relay process of the access request from the client to the Web server, the communication control unit is a client in which information indicating the request source of the received access request is associated with the unauthorized state recorded in the client state information storage unit 3. The access control apparatus according to claim 1, wherein the access control apparatus requests access control to block the received access request when the information matches the information indicating the request source. The determination information storage unit classifies the content of the Web server into a predetermined type, and holds information that sets transition between the content types as the determination information,
The content management unit determines whether an order of content types corresponding to the order of the acquired address information matches a transition between content types of the determination information. The access control device according to any one of claims 3 to 4.

Images