JP5132473B2 - Information providing apparatus and information providing apparatus control method - Google Patents

Description

  The present invention relates to a data processing technique, and more particularly, to an information providing apparatus that provides information to a user and an information providing apparatus control method that controls the information providing apparatus.

  Currently, HTTP (Hypertext Transfer Protocol) is mainly used as a communication protocol in information exchange using WWW (World Wide Web). Since HTTP is basically a stateless communication protocol, an information providing apparatus, for example, a web server, identifies a session for each user terminal by issuing a session ID to the user terminal.

Patent Document 1 below discloses an access log recording system that records a session ID issued to a user and address information of a content file requested by the user in an access log.
JP 2007-086932 A

  Patent Document 1 only suggests that user behavior analysis and the like can be performed by analyzing an access log recorded for each session. In other words, it is not disclosed how to use the accumulated access log in providing information to the user.

  The inventor has focused on the time limit of the session ID. That is, the present inventor considered that the appropriate behavior of the information providing apparatus with respect to the user can be determined by recording and utilizing the correspondence information between the session ID issued to the user and the information related to the user.

  The present invention is an invention completed based on the above-mentioned attention of the present inventor, and its main purpose is to realize an information providing apparatus that executes appropriate processing for a user who has been issued a session ID with a time limit Is to provide technology to do.

  In order to solve the above-described problem, an information providing apparatus according to an aspect of the present invention is an apparatus that provides a user with a page on which information is electronically described. The user's operation on the page and the operation are executed. A related information table in which related information that a user may be interested in is stored in association with each other, an ID issuing unit that issues a session ID that is temporarily valid for a login user to the own device, and a login Session information in which user session IDs and login user operations on pages are sequentially stored, and a session information table that holds the session information as valid while the session ID is valid, and the login user When providing a given page, provide relevant information for operations while the login user's session ID is valid In order to identify the operation associated with the session ID of the logged-in user in the session information table, the identifying unit identifies the associated information associated with the operation in the associated information table, and the associated information identified in the identifying unit. And a setting unit for setting so as to be displayed on a predetermined page.

  The “page” in this aspect means electronic data provided from the information providing apparatus to the user terminal in one unit of communication between the information providing apparatus and the user terminal. Typically, it is a group of electronic data provided by the information providing apparatus as a response to a request from the user terminal, and this electronic data includes data to be displayed on the user terminal. For example, the “page” includes a web page provided from a web server to a web client. The data format of “page” is not limited, and may be plain text or file data in a predetermined format such as an XHTML (Extensible HyperText Markup Language) file.

  In addition, the “user operation on the page” in this aspect includes, without limitation, page acquisition, reference, and data transmission to a specific page. For example, it includes operations by various methods such as the GET method and POST method in HTTP. The “related information” is information related to a specific operation, and is information that may be of interest to the user who executed the operation. For example, information that is highly likely to be of interest to a user who refers to information on a specific target, news about the target, competitive product / competitive service information about the target, and the like may be used.

  Further, the “session ID” in this aspect means data issued to the user terminal in order for the information providing apparatus to identify a session with the user terminal. Therefore, it is not limited to a character string or a numerical string indicating an identification number, and includes various types of data. The session ID is held on the user terminal side and is typically stored in a browser cookie. When the user terminal reconnects to the information providing apparatus, the session ID is notified to the information providing apparatus.

  Another embodiment of the present invention is also an information providing apparatus. This device is a device that provides a user with a page on which information is electronically described, and stores a user's operation on the page in association with relevant information that may be of interest to the user who performed the operation. Corresponds to the related information table, ID issuing unit that issues a session ID that is temporarily valid for the login user to the own device, the login user session ID, and the login user operation to the page Session information stored in sequence, and while the session ID is valid, the session information table holds the session information as valid, and occupies a predetermined percentage or more of the login user operations stored in the session information table A detection unit that detects a login user's operation as a high-frequency operation, and a page provided to the login user A is provided in a page that lists the relevant information, a setting unit that sets as the related information associated with the frequent operation is displayed in a predetermined highlighted manner, the.

  Yet another embodiment of the present invention is also an information providing apparatus. This device is a device that provides a user with a page on which information is electronically described, and issues an ID issuing unit that issues a session ID that is temporarily valid to a login user of the device. A session information table that sequentially stores session information in which the login user's session ID is associated with the login user's operation on the page, and holds the session information as valid while the session ID is valid; A detection unit that detects a fact that the session ID stored in the session information table is associated with a predetermined number of operations within a predetermined time, and an error processing unit that executes a predetermined error process when the fact is detected And comprising.

  Yet another embodiment of the present invention is also an information providing apparatus. This device is a device that provides a user with a page on which information is electronically described, and issues an ID issuing unit that issues a session ID that is temporarily valid to a login user of the device. A session information table that sequentially stores session information in which the login user's session ID is associated with the login user's operation on the page, and holds the session information as valid while the session ID is valid; A detection unit that detects a fact that a plurality of different session IDs among session IDs stored in the session information table are associated with an operation on a restricted page that can be operated by a single login user, and a fact is detected. And an error processing unit that executes predetermined error processing.

  Yet another embodiment of the present invention is an information providing apparatus control method. This method is a method of controlling a device that provides a user with a page on which information is electronically described, and issues a temporarily valid session ID to a user who logs in to the device. Session information in which the step, the login user's session ID and the login user's operation on the page are associated with each other is sequentially stored in a predetermined storage unit, and the session information is stored as valid while the session ID is valid. And a step of identifying the operation of the logged-in user associated with a valid session ID with reference to the storage unit, and determining a process by the device for the user according to the operation.

  It should be noted that any combination of the above-described constituent elements and a representation of the present invention converted between an apparatus, a method, a system, a program, a recording medium storing the program, and the like are also effective as an aspect of the present invention.

  ADVANTAGE OF THE INVENTION According to this invention, it becomes easy to implement | achieve the information provision apparatus which performs an appropriate process with respect to the user by whom session ID with time limit was issued.

The outline of the embodiment of the present invention will be described before the configuration thereof is described.
In a web server that requires login authentication, it is necessary to identify individual users. For this reason, such a web server issues a session ID to the user after the user logs into the site. This session ID is kept valid until the user logs out from the own site, and is invalidated after logout. In other words, the session ID issued by the web server to the user has a temporarily valid time limit. Note that “user” in the present embodiment includes the meaning of a terminal operated by the user, that is, “user terminal”.

  By the way, a user who logs in to a website (hereinafter, also referred to as “login user” as appropriate) performs some operation including acquisition of a web page on the web page. In the following, all of the information providing apparatuses described in the three embodiments are the first storage means for sequentially storing information in which the session ID issued to the login user is associated with the operation of the login user. Is provided. In the first storage unit, while the session ID of the login user is valid, the information including the session ID is retained as valid.

  In the information providing apparatus according to the first embodiment, the operation of the login user and the related information that the login user who executed the operation may be interested in are stored in advance in the second storage unit. When the logged-in user makes a reference request for a predetermined web page, the related information associated with the operation while the session ID of the logged-in user is valid is identified with reference to the first and second storage means, It is displayed on a predetermined web page. Thereby, the convenience of the login user is improved. In the following description, the top page of the website is shown as an example of the predetermined web page, but it is needless to say that a web page other than the top page may be handled as the predetermined web page.

  Also in the information providing apparatus of the second embodiment, the operation of the login user and the related information that the login user who executed the operation may be interested in are stored in advance in the second storage unit. Also, periodically, operations associated with a relatively large number of session IDs in the first storage means are specified as high-frequency operations. When the logged-in user makes a reference request for a page displaying a list of related information, the related information associated with the high-frequency operation among the related information stored in the second storage unit is highlighted on the page. Thereby, the convenience of the login user is improved.

  The information providing apparatus according to the third embodiment detects an abnormal state of information stored in the first storage unit and executes predetermined error processing. This improves the security of the website. Hereinafter, each embodiment will be described.

(First embodiment)
FIG. 1 shows a configuration of an information providing system 100 according to the first embodiment. The information providing system 100 includes an A user terminal 10 a, a B user terminal 10 b, a C user terminal 10 c, a D user terminal 10 d, which are collectively referred to as the user terminal 10, and an information providing apparatus 20. The user terminal 10 and the information providing apparatus 20 are connected via a known communication network such as a LAN (Local Area Network), a WAN (Wide Area Network), and the Internet.

  The user terminal 10 is a general PC terminal equipped with a web browser. The user terminal 10 acquires the web page addressed by the user from the information providing device 20 and displays it on the display device. Further, in response to a user data transmission request, user input data is transmitted to the information providing apparatus 20, and a web page as response data is acquired from the information providing apparatus 20 and displayed on the display apparatus.

  The information providing apparatus 20 has a general web server function, and transmits a web page designated from the user terminal 10 to the user terminal 10. As a modified example, the user terminal 10 and the information providing apparatus 20 may be an apparatus provided with dedicated hardware and software for transmitting and receiving a page in a unique format using a unique protocol.

  FIG. 2 is a block diagram illustrating a functional configuration of the information providing apparatus 20 according to the first embodiment. The information providing apparatus 20 includes a related information table 22, a session information table 24, an invalidation processing unit 26, an updating unit 28, a receiving unit 30, an ID issuing unit 32, a transmitting unit 34, and a specifying unit 36. And a setting unit 38.

  Each block shown in the block diagram of the present specification can be realized in terms of hardware by an element such as a CPU of a computer or a mechanical device, and in terms of software, it can be realized by a computer program or the like. The functional block realized by those cooperation is drawn. Therefore, it is understood by those skilled in the art that these functional blocks can be realized in various forms by a combination of hardware and software, and is not limited to any of these.

  The related information table 22 is a data storage area secured in a predetermined storage device. The related information table 22 stores an operation of the logged-in user and information (hereinafter also referred to as “related information” as appropriate) that the logged-in user who executed the operation may be interested in. The related information table 22 may be a table in an RDBMS (Relational DataBase Management System).

  FIG. 3 shows the structure of the related information table 22. The user operation column 50 in the figure is an area in which information indicating the operation of the logged-in user is stored. For example, a URL (Uniform Resource Locator) of a web page GET or POSTed by the user may be stored. Further, the related information column 52 is an area for storing related information, and may store the URL of a web page to be provided to a login user who has performed a specific operation, or may store simple text data. . For example, in the record 60 of FIG. 3, the user operation “see Z company stock price”, that is, the operation in which the user acquires a web page displaying the stock price of Z company, is associated with the URL of the related information “Z company news”. Yes. Returning to FIG.

  The session information table 24 is a data storage area secured in a predetermined storage device. In the session information table 24, information (hereinafter also referred to as “session information” as appropriate) in which the session ID issued to the logged-in user is associated with the logged-in user's operation on the web page is executed by the logged-in user. Each time it is stored, it is stored sequentially. The session information table 24 may be a table in the RDBMS.

  FIG. 4 shows the structure of the session information table 24. The session ID column 70 in the figure is an area for storing a session ID issued to the login user. Further, the user operation column 72 is an area for storing information indicating the operation of the logged-in user, and similarly to the user operation column 50 in FIG. 3, the URL of a web page that is GET or POSTed by the user may be stored. . Returning to FIG.

  The invalidation processing unit 26 receives a notification from the ID issuing unit 32 described later, and detects that the specific session ID is invalidated in the ID issuing unit 32. At this time, the invalidation processing unit 26 refers to the session information table 24, specifies session information including the invalidated session ID, that is, a record in the session information table 24, and invalidates the session information. For example, the record storing the session information may be deleted, and a flag indicating that the session information is invalid may be added to the record. The invalidation processing unit 26 holds the session information as valid in the session information table 24 while the session ID of the session information is valid.

  The updating unit 28 periodically refers to the session information stored in the session information table 24, and corresponds to both the first operation and the second operation in which a session ID of a predetermined ratio or more is different from the first operation. It detects that it is attached. An appropriate value may be determined as the threshold for this detection based on company knowledge or experiments using this system, and may be, for example, 20%. At this time, the update unit 28 stores the related information associated with the second operation in the related information table 22 in the related information table 22 in association with the first operation. For example, when a session ID of 20% or more is associated with both “X company stock price reference” and “Y company stock price reference”, “X company news”, which is related information of “X company stock price reference”, is “ It is stored in the related information table 22 in association with “Y company stock price reference”. Instead of this, or together with this, “Y company news”, which is related information of “Y company stock price reference”, may be stored in the related information table 22 in association with “X company stock price reference”.

  The receiving unit 30 receives from the user terminal 10 data specifying an address of a specific web page and requesting the operation of the web page (hereinafter also referred to as “page operation request” as appropriate). The receiving unit 30 refers to a session ID holding table (not shown) that stores a valid session ID, and determines whether or not a valid session ID is included in the page operation request. When a valid session ID is not included, login authentication is executed for the user terminal 10 that transmitted the page operation request (hereinafter also referred to as “requesting user terminal 10” as appropriate). If the login authentication is successful, the success is notified to an ID issuing unit 32 described later. The receiving unit 30 detects that the user terminal 10 has logged out and notifies the ID issuing unit 32 of the logout.

  In addition, when the content of the page operation request (hereinafter also referred to as “operation content” as appropriate) does not request acquisition of the top page, the receiving unit 30 and the effective session ID of the requesting user terminal 10 and the operation New session information associated with the contents is stored in the session information table 24. As a modification, the receiving unit 30 may always store new session information in the session information table 24 regardless of the operation content.

  The ID issuing unit 32 issues a new session ID to the user terminal 10 when notified by the receiving unit 30 of the successful login authentication for the user terminal 10, and the new session is stored in a session ID holding table (not shown). Store the ID. Further, the ID issuing unit 32 invalidates the session ID issued to the user terminal 10 when the receiving unit 30 is notified of logout of the user terminal 10. For example, the session ID may be deleted from a session ID holding table (not shown), and a flag indicating invalidity may be set for the session ID in the session ID holding table. At this time, the ID issuing unit 32 notifies the invalidation processing unit 26 of the invalidated session ID.

  The transmission unit 34 transmits the web page specified in the page operation request to the user terminal 10 that is the request source. When the operation content requests acquisition of the top page, the setting unit 38, which will be described later, transmits top page data set to display related information to the requesting user terminal 10.

  When the operation content requests acquisition of the top page, the specifying unit 36 refers to the session information table 24 and specifies the operation associated with the session ID of the requesting user terminal 10. The specifying unit 36 further refers to the related information table 22 and specifies related information associated with the operation. The setting unit 38 sets the related information in the data of the top page so that the related information specified by the specifying unit 36 is displayed on the top page transmitted to the requesting user terminal 10.

The operation of the above configuration will be described below.
FIG. 5 is a flowchart showing the operation of the information providing apparatus 20 according to the first embodiment. The receiving unit 30 receives the page operation request transmitted from the user terminal 10 (S10). When a valid session ID is not included in the page operation request (N in S12), the ID issuing unit 32 issues a session ID to the requesting user terminal 10 that has been successfully authenticated (S14). If a valid session ID is included in the page operation request (Y in S12), the process in S14 is skipped. When the operation content does not request acquisition of the top page (N in S16), the receiving unit 30 displays new session information in which the session ID of the requesting user terminal 10 and the operation content are associated with each other in the session information table 24. (S18). The transmission unit 34 transmits a web page corresponding to the operation content to the requesting user terminal 10 (S20).

  When the operation content requests acquisition of the top page (Y in S16), the specifying unit 36 refers to the session information table 24 and performs an operation associated with the session ID of the requesting user terminal 10. Specify (S22). The specifying unit 36 further specifies related information associated with the operation with reference to the related information table 22 (S24). The setting unit 38 sets the related information thus identified to be displayed on the top page (S26), and the transmission unit 34 transmits the top page set by the setting unit 38 to the user terminal 10 that is the request source ( S28).

  Although not shown in FIG. 5, the receiving unit 30 detects logout of the user terminal 10 and notifies the logout to the ID issuing unit 32, and the ID issuing unit 32 displays the session ID issued to the user terminal 10. To disable. The ID issuing unit 32 notifies the invalidation processing unit 26 of the invalidated session ID, and the invalidation processing unit 26 invalidates the record of the session information table 24 including the session ID. In addition, the update unit 28 periodically refers to the session information table 24 and stores a user operation and related information in the related information table 22 in association with each other when a predetermined condition is satisfied.

  Hereinafter, the specific operation of the information providing apparatus 20 will be further described with reference to each record in FIGS. 3 and 4 as appropriate. Note that the records in FIG. 4 are recorded in time series from the top record.

  The A user terminal 10a to which the session ID “A001” is issued first refers to the stock price of the company Z (record 74 in FIG. 4), and then refers to the stock price of the company X (record 76 in FIG. 4). Requested to get a page. At this time, the specifying unit 36 specified company Z news (record 60 in FIG. 3), company X news, and company Y news (record 54 in FIG. 3) as related information according to the records 74 and 76 in FIG. . As a result, the setting unit 38 sets the links to the Z company news, the X company news, and the Y company news to be displayed on the top page, and the top page is provided to the A user terminal 10a. The A user terminal 10a referred to the X company news linked to the top page (record 78 in FIG. 4). Thereafter, the A user terminal 10a purchased the shares of company X (record 88 in FIG. 4).

  The B user terminal 10b to which the session ID “B002” is issued refers to the stock price of the company Y (record 84 in FIG. 4), and then requests acquisition of the top page. At this time, the specifying unit 36, as related information, according to the record 80, the record 82, and the record 84 in FIG. 4, X company news, Y company news (record 54, record 56 in FIG. 3), and construction industry news (FIG. 3). Record 58) was identified. As a result, the setting unit 38 sets the links to the X company news, the Y company news, and the construction industry news to be displayed on the top page, and the top page is provided to the B user terminal 10b. The B user terminal 10b referred to the construction industry news linked to the top page (record 86 in FIG. 4). Thereafter, the B user terminal 10b referred to the stock price of the company Z (record 90 in FIG. 4).

  After the Z company stock price reference (record 94 in FIG. 4) by the C user terminal 10c having the session ID “C003” issued, the update unit 28 refers to the session information table 24. The updating unit 28 detects that three different session IDs are associated with both “Z company stock price reference” and “X company stock price reference” (record 74, record 76, record 80, FIG. 4). Record 90, record 92, record 94). The update unit 28 associates the operation of the logged-in user “Z company stock price reference” with the related information “X company news” and stores them in the related information table 22. As a result, “Company X news” is added to the related information column 52 in the record 60 of FIG. Thus, the top page displayed when the D user terminal 10d that has been issued the session ID “D004” requests the acquisition of the top page after referring to the Z company stock price (record 96 in FIG. 4), And a link to company X news was displayed. The D user terminal 10d referred to the X company news linked to the top page (record 98 in FIG. 4).

  According to the information providing apparatus 20, it is possible to provide the login user with relevant information regarding the operation of the logged-in user associated with the session ID having a temporarily valid time limit when the top page is displayed. This provides the login user with information related to the operation within a relatively short time before displaying the top page, that is, the operation executed while the session ID is valid, thereby improving the convenience of the login user. be able to. Especially for websites where the login user's interests change in a short time, the login user's most recent operations are often directly linked to the login user's interests, greatly improving the convenience of the login user. Can be made.

  For example, when the information providing apparatus 20 is an apparatus that provides a securities company site, the brands that the logged-in user is interested in often change for a short period of time, for example, at each login. According to the information providing apparatus 20, it is possible to provide related information of brands that are highly likely to be of interest to the login user at that time.

  Further, according to the information providing apparatus 20, the session information held as valid in the session information table 24 is limited to that with valid session ID. Therefore, the data in the session information table 24 to be analyzed by the specifying unit 36 is data relating to the logged-in user, and the amount of data is small. As a result, the session information analysis processing in the specifying unit 36 can be speeded up, and the hardware resources required for the analysis processing can be reduced.

  For example, since a normal access log is mainly intended for long-term log storage and analysis by night batch processing, recorded information is not deleted. As a result, the amount of data in the access log becomes enormous, and it is not realistic to analyze every time the logged-in user accesses the top page as in this embodiment. On the other hand, since the data amount of the session information table 24 is relatively small, it can be analyzed during the provision of the website service, and the load on the apparatus can be kept small.

  Furthermore, according to the information providing apparatus 20, the new association between the operation of the login user and the related information is stored in the related information table 22 according to the session information in the session information table 24. This process is executed by the update unit 28 based on the session information held as valid in the session information table 24. As a result, the related information table 22 is dynamically updated in accordance with the operation of the logged-in user, and the logged-in user is provided with information that is likely to be of interest to many logged-in users at that time. it can.

  The present invention has been described based on the first embodiment. As a modification, the web page that provides related information to the login user may not be limited to a specific web page such as a top page. For example, a “recommended information display” button may be arranged on all web pages provided by the website. When the information providing apparatus 20 detects that the button is pressed by the logged-in user, the information providing apparatus 20 may set the related information of the operation by the logged-in user on a pop-up screen or the like and display it on the user terminal 10. Thereby, when a login user needs, related information can be provided.

  As another modification, the updating unit 28 may cancel the association between the operation of the login user once stored in the related information table 22 and the related information according to the session information in the session information table 24. For example, the update unit 28 of this modified example stores the first process and the related information of the second process different from the first process in association with each other in the related information table 22 and then stores them in the session information table 24. It is detected that the session ID associated with both the first process and the second process is less than a predetermined ratio. At this time, the update unit 28 cancels the correspondence between the first process and the related information of the second process in the related information table 22. Thereby, it becomes easy to update the contents of the related information table 22 appropriately according to the recent operation of the logged-in user. In other words, the association that is set based on the past results but does not reflect the current situation can be eliminated. Moreover, it can suppress that the data amount of the related information table 22 increases.

  As yet another modification, the ID issuing unit 32 may autonomously invalidate the session ID even when the logged-in user does not log out after issuing the session ID to the logged-in user. The invalidation of the session ID may be executed, for example, when a date switching process is executed in the information providing apparatus 20, in other words, when a predetermined date and time is reached, such as when a business day switching time comes. This execution date and time may be determined by business convenience and system convenience in the information providing system 100. For example, it may be executed when a predetermined time such as 24 hours elapses after the session ID is issued. This threshold value may be set by determining, for example, an experiment when the login user is less likely to continue the operation of the web page. Thereby, the data amount of the session information table 24 is reduced, and the process in the information providing apparatus 20, particularly the specific process in the specifying unit 36 can be executed at high speed.

(Second Embodiment)
The configuration of the information providing system according to the second embodiment is the same as the configuration of the information providing system 100 according to the first embodiment shown in FIG.
FIG. 6 is a block diagram illustrating a functional configuration of the information providing apparatus 20 according to the second embodiment. The information providing apparatus 20 includes a related information table 40, a session information table 24, an invalidation processing unit 26, a detection unit 42, a reception unit 30, an ID issuing unit 32, a transmission unit 34, and a setting unit 44. Have In addition, the same name and code | symbol as each functional block of FIG. 2 are attached | subjected to the functional block same as the information provision apparatus 20 of 1st Embodiment. Hereinafter, the description already given about each functional block is abbreviate | omitted.

  The related information table 40 includes operations of the logged-in user, related information that may be of interest to the logged-in user who executed the operation, and operations performed by a relatively large number of logged-in users (hereinafter referred to as “high-frequency operations” as appropriate). Are stored in association with each other.

  When the content of the page operation request is for requesting acquisition of a page for displaying a list of related information (hereinafter also referred to as “related information list page” as appropriate), the setting unit 44 stores a plurality of items stored in the related information table 40. Get related information for. The setting unit 44 displays related information (hereinafter, also referred to as “high-frequency operation related information” as appropriate) among the plurality of related information in a predetermined emphasis manner on the related information list page. Set to be.

  For example, the setting unit 44 displays the high-frequency operation related information as related information so that the high-frequency operation related information is displayed on the related information list page at a position where it is easily watched by the logged-in user. It may be set to the data of the list page. In addition, the setting unit 44 relates the high-frequency operation related information so that the high-frequency operation related information is displayed on the related information list page in a display form that is easily watched by the logged-in user, for example, bold or red. It may be set to data on the information list page.

  The detection unit 42 periodically refers to the session information stored in the session information table 24 and detects, as a high-frequency operation, login user operations that occupy a predetermined percentage or more of the login user operations included in the session information. . An appropriate value may be determined as the threshold for this detection based on company knowledge or experiments using this system, and may be, for example, 20%. The detection unit 42 identifies a record including a high-frequency operation from among the records stored in the related information table 40, and sets a flag indicating the high-frequency operation for the record.

The operation of the above configuration will be described below.
The detection unit 42 periodically refers to the session information in the session information table 24 to identify a high frequency operation, and sets a flag indicating the high frequency operation in the high frequency operation record in the related information table 40. The receiving unit 30 receives a page operation request from the user terminal 10. When the operation content requests acquisition of a related information list page, the setting unit 44 acquires a plurality of related information from the related information table 40, and the related information for which the flag indicating the high frequency operation is set is related. Set to be highlighted on the information list page. The transmission unit 34 transmits the related information list page set by the setting unit 44 to the user terminal 10.

  According to the information providing apparatus 20, the related information of the operation being performed by many logged-in users is highlighted on the related information list page. As a result, information that is likely to be of interest to a large number of logged-in users can be clearly shown to the logged-in user, and the logged-in user can easily access the information.

  The present invention has been described based on the second embodiment. As a modification, the detection unit 42 may periodically refer to the session information stored in the session information table 24 and detect that a predetermined number or more of session information exists as a high load state. An appropriate value may be determined as a threshold value for this detection based on company knowledge or experiments using this system, and is typically a value that may cause a device load that adversely affects the response time to the logged-in user. To be determined. The setting unit 44 may delete at least a part of data of the web page transmitted to the user terminal 10 in the transmission unit 34 when the high load state is detected in the detection unit 42. As a result, even if many logged-in users access the information providing apparatus 20 and the information providing apparatus 20 becomes heavily loaded, the data amount of the web page handled in the information providing apparatus 20 is reduced, and the service to the logged-in user is provided. It will be easier to continue.

(Third embodiment)
The configuration of the information providing system according to the third embodiment is the same as the configuration of the information providing system 100 according to the first embodiment shown in FIG.
FIG. 7 is a block diagram illustrating a functional configuration of the information providing apparatus 20 according to the third embodiment. The information providing apparatus 20 includes a session information table 24, an invalidation processing unit 26, a reception unit 30, an ID issuing unit 32, a transmission unit 34, a detection unit 46, and an error processing unit 48. In addition, the same name and code | symbol as each functional block of FIG. 2 are attached | subjected to the functional block same as the information provision apparatus 20 of 1st Embodiment. Hereinafter, the description already given about each functional block is abbreviate | omitted.

  The detection unit 46 periodically refers to the session information stored in the session information table 24 and detects an abnormal state of the session information. Specifically, it is detected as an abnormal state that a specific session ID included in the session information is associated with a predetermined number of operations within a predetermined time. For example, for each of the session IDs stored in the session information table 24, the detection unit 46 stores the number of operations associated with the reference and compares it with the number of operations associated with the next reference. Thus, an increment in the number of operations may be derived. As a modification, the storage time of the session information may be recorded by the receiving unit 30 in the session information of the session information table 24. In this case, the detection unit 46 may derive an increase in the number of operations within a predetermined time with reference to the storage time.

  Note that the threshold value for the detection unit 46 to detect an abnormal state may be determined as appropriate by company knowledge or experiments using this system, and is typically operated for general login users. Is determined to be a value that is assumed to be difficult. For example, the threshold may be that 100 or more web pages are referred to within one minute.

  The error processing unit 48 performs predetermined error processing when an abnormal state is detected by the detection unit 46. Here, an error process is executed for the login user to whom the session ID detected as an abnormal state is issued. For example, a message to stop providing more web pages may be transmitted to the logged-in user via the transmission unit 34. Further, for example, the receiving unit 30 may be notified of the abnormal state, and the page operation request from the login user may be rejected. As a modification, the error process may be a process for an administrator who manages the information providing apparatus 20, or a warning message indicating this abnormal state may be notified to the administrator. Further, this abnormal state may be recorded in a log file.

  According to the information providing device 20, it is easy to detect an abnormal operation on the web page and perform an appropriate countermeasure for the abnormal operation. That is, the security of the website provided by the information providing apparatus 20 can be improved. For example, acquisition of a large number of web pages in a short time automatically executed by a program on the user terminal 10 side can be detected, and provision of web pages for this operation can be stopped. Also, for example, even when a web page operation process loops due to some system malfunction, the abnormal state can be detected and a stop process or the like can be executed. Thereby, it can suppress that the load of the information provision apparatus 20 increases and the service provision with respect to another login user is overdue. In addition, when the information providing apparatus 20 is subjected to a DoS (Denial of Service attack) attack from an external apparatus, it is easy to reduce the influence, and it is easy to continue service to other login users.

  The present invention has been described based on the third embodiment. A modification will be described below. The modification detection unit 46 also periodically refers to the session information stored in the session information table 24. The detection unit 46 corresponds to an operation on a web page (hereinafter also referred to as “restricted page” as appropriate) in which a plurality of different session IDs among session IDs included in the session information are allowed to be operated by a single login user. This is detected as an abnormal state. This restriction page is, for example, a web page for operating a securities account, and a web page for registering / modifying personal information of a login user.

  The error processing unit 48 performs predetermined error processing when an abnormal state is detected by the detection unit 46. For example, for a plurality of session IDs associated with the operation of the restricted page, even if a warning message indicating this abnormal state is transmitted to at least one of users to whom each session ID is issued via the transmission unit 34 Good. Further, the warning message may be notified to the administrator of the information providing apparatus 20, and may be recorded in a log file.

  According to this modification, it is easy to detect an unauthorized operation on the restricted page and execute an appropriate process for the unauthorized operation. That is, the security of the website provided by the information providing apparatus 20 can be improved. As described above, since the session ID of the login user is invalidated at the time of logout, the record in the session information table 24 is also invalidated at the time of logout. Therefore, when the logged-in user who has operated the restriction page logs out once, logs in again, and operates the restriction page, the association between the previously issued session ID and the operation of the restriction page is eliminated. . Therefore, the warning message for the login user is not transmitted, that is, the convenience of the legitimate login user is not lowered.

  It will be understood by those skilled in the art that the above-described embodiment is an exemplification, and that various modifications can be made to combinations of the respective constituent elements and processing processes, and such modifications are also within the scope of the present invention. By the way.

  Any combination of the above-described embodiments and modifications is also useful as an embodiment of the present invention. The new embodiment generated by the combination has the effects of the combined embodiment and the modified examples.

  It should also be understood by those skilled in the art that the functions to be fulfilled by the constituent elements recited in the claims are realized by a single function block or a combination of the functional blocks shown in the embodiments and modifications.

It is a figure which shows the structure of the information provision system which is 1st Embodiment. It is a block diagram which shows the function structure of the information provision apparatus in 1st Embodiment. It is a figure which shows the structure of a related information table. It is a figure which shows the structure of a session information table. It is a flowchart which shows operation | movement of the information provision apparatus in 1st Embodiment. It is a block diagram which shows the function structure of the information provision apparatus in 2nd Embodiment. It is a block diagram which shows the function structure of the information provision apparatus in 3rd Embodiment.

Explanation of symbols

  10 user terminal, 20 information providing device, 22 related information table, 24 session information table, 26 invalidation processing unit, 28 updating unit, 30 receiving unit, 32 ID issuing unit, 34 transmitting unit, 36 specifying unit, 38 setting unit, 40 related information table, 42 detecting unit, 44 setting unit, 46 detecting unit, 48 error processing unit, 50 user operation column, 52 related information column, 70 session ID column, 72 user operation column, 100 information providing system.

Claims (5)

An apparatus for providing a user with a page on which information is electronically described,
A related information table that stores the user's operation on the page in association with related information that may be of interest to the user who executed the operation;
An ID issuing unit that issues a session ID that is temporarily valid for a login user to the own device;
Session information table that sequentially stores session information that associates the login user's session ID with the login user's operation on the page, and holds the session information as valid while the session ID is valid;
By periodically referring to the session information table, a session ID of a predetermined ratio or more among session IDs included in valid session information is associated with the first operation and the second operation different from the first operation. An update unit that stores the related information associated with the second operation in the related information table in association with the first operation when it is detected that
When providing a predetermined page to the logged-in user, an operation associated with the session ID of the logged-in user in the session information table is performed in order to provide related information for an operation while the session ID of the logged-in user is valid. A specifying unit for specifying and specifying related information associated with the operation in the related information table;
A setting unit configured to set the related information specified in the specifying unit to be displayed on the predetermined page;
An information providing apparatus comprising: The updating unit executes the process of storing the related information associated with the second operation in the related information table in association with the first operation when the predetermined ratio is the first ratio. The session information table is periodically referred to, and the session IDs associated with the first operation and the second operation among the session IDs included in the valid session information are less than the second ratio. 2. The method according to claim 1, wherein when it is detected, the association between the first operation and the related information associated with the second operation that has already been associated is canceled. Information providing device. A detection unit that detects, as a high-frequency operation, a login user operation that occupies a predetermined percentage or more of the login user operations stored in the session information table;
The information providing apparatus according to claim 1, wherein the setting unit performs setting so that related information associated with a high-frequency operation is displayed in a predetermined emphasis mode. A computer program for controlling an apparatus for providing a user with a page on which information is electronically described,
A function of associating a user operation on the page with related information that may be of interest to the user who executed the operation in the first storage unit;
A function for issuing a session ID with a time limit that is temporarily effective for a login user to the device;
Session information in which the login user's session ID is associated with the login user's operation on the page is sequentially stored in a second storage unit different from the first storage unit, and while the session ID is valid A function for holding the session information as valid in the second storage unit;
By periodically referring to the second storage unit, a session ID of a predetermined ratio or more among session IDs included in valid session information is a first operation and a second operation different from the first operation. A function to store the related information associated with the second operation in the first storage unit in association with the first operation when it is detected that the association is performed;
When providing a predetermined page to the login user, the second storage unit is associated with the login user's session ID in order to provide related information for an operation while the login user's session ID is valid. A function of identifying an operation and identifying related information associated with the operation in the first storage unit;
A function of setting the related information specified in the specified function to be displayed on the predetermined page;
A computer program for causing the apparatus to realize the above. A method for controlling a device that provides a user with a page electronically containing information,
When the user's operation on the page and related information that the user who executed the operation may be interested in are associated with each other and stored in the first storage unit,
Issuing a temporarily valid session ID to a login user to the device;
Session information in which the login user's session ID is associated with the login user's operation on the page is sequentially stored in a second storage unit different from the first storage unit, and while the session ID is valid Holding the session information as valid in the second storage unit;
By periodically referring to the second storage unit, a session ID of a predetermined ratio or more among session IDs included in valid session information is a first operation and a second operation different from the first operation. When it is detected that it is associated, the related information associated with the second operation is stored in the first storage unit in association with the first operation;
When providing a predetermined page to the login user, the second storage unit is associated with the login user's session ID in order to provide related information for an operation while the login user's session ID is valid. Identifying an operation and identifying related information associated with the operation in the first storage unit ;
Setting the identified related information to be displayed on the predetermined page;
An information providing apparatus control method comprising:

Images