KR100648106B1 - Method for Brokering Authentication of E-mail Services through Wireless Internet - Google Patents

Abstract

An authentication parameter that allows a user who is a member of a predetermined server providing a service for a user logging in by inputting an ID and password to easily log in to the server when using a service of the server using a wireless terminal. Way. The authentication mediating method of the present invention is implemented in a system capable of at least selectively connecting to a predetermined server providing a service for a user logging in by entering an ID and password. The system accepts the user's personal information to determine whether it is correct, and if the personal information is correct, notifies the server that service use authentication is completed, and allows a virtual password, which is separately provided in addition to the user's ID and password, to be stored in the server. The mobile telephone number, the ID and the virtual password of the user are stored in predetermined storage means. If the user later wants to access the server using a wireless terminal, the system performs an automatic login procedure using the ID and the virtual password stored in the storage means. In one embodiment, the service may be an Internet mail service.

Authentication, Wireless Internet, Mail Notification, Login, Auto Login

Description

{Method for Brokering Authentication of E-mail Services through Wireless Internet}

1 is a diagram showing a network environment of an e-mail gateway system according to a preferred embodiment of the present invention.

FIG. 2 is a flowchart illustrating an authentication mediation process when an application for using a mobile messaging service is made through a wired Internet in a preferred embodiment.

3 is a diagram showing the configuration of CGI programs and web pages included in an e-mail G / W system to perform an authentication-mediated operation.

4A-4F illustrate examples of a user interface in a service use application and authentication process.

FIG. 5 is a flowchart illustrating an authentication mediation process when an application for using a mobile messaging service is made through the wireless Internet in a preferred embodiment.

6 is a flow chart showing a mail arrival notification service progress of the mobile messaging service.

7A to 7D are diagrams showing examples of a wireless terminal display screen during a mail receiving notification service.

The present invention relates to a service authentication method on a network, and more particularly, to a method of mediating authentication of a service provided through a wireless terminal.

As wireless terminals are popularized, Internet service providers who have previously provided services on the wired Internet are striving to provide their services on the wireless Internet. An example of such a service is a mail service. In general, the Internet mail service uses a mail client such as Netscape Messenger or Outlook Express to send and receive mail. However, a web browser is used to access a web server providing a mail service and to read or write mail on the screen provided by the web server. Webmail service is also widely used, and it would be very convenient if such a webmail service could be used using a wireless terminal while moving.

Many wired internet services, including webmail services, operate on a membership basis. Service users sign up in advance and log in by entering their ID and password every time they use the service. Not. At the time of the present application, the terminal used for wireless Internet use is optimized for voice communication while moving, and the cellular phone is made small, and the cellular phone has an alphanumeric that forms an ID and password due to the small keypad. This is because it is not easy to enter.

SUMMARY OF THE INVENTION The present invention has been made to solve the above-described problem, wherein a user who is a member of a predetermined server that provides an e-mail service for a user who logs in by inputting an ID and password uses a service of the server using a wireless terminal. It is a technical task of providing an authentication mediation method that enables the user to easily log in to the server.

According to an aspect of the present invention for achieving the above technical problem, the authentication medium method is implemented by a wireless communication system having a storage means for storing subscriber information and a gateway system connected to a predetermined server, and initially After accepting the service use request through the wired Internet and authenticating, the user can log in automatically every time the service is used based on the user information stored during authentication. First, the gateway system accepts, from the server, a virtual password generated after the server receives a service use request for a user who wants to receive a service, along with a member ID of the user. The gateway system receives the personal information including the user's mobile phone number from the user through the Internet and inquires the wireless communication system. If the personal information is correct, the gateway system generates an authentication number and transmits it to the user's wireless terminal. Will present the received authentication number again via the Internet. If the authentication number presented by the user is correct, the gateway system notifies the server that the service use authentication is completed so that the mobile phone number, the member ID, and the virtual password of the user are stored in the server. Store in a predetermined storage means. If the user later wants to access the server using a wireless terminal, the gateway system performs an automatic login procedure using the stored member ID and virtual password.

According to another aspect of the present invention for achieving the above technical problem, the authentication medium method is implemented by a wireless communication system having a storage means for storing subscriber information and a gateway system connected to a predetermined server, and initially After accepting the service use request through the wireless Internet and authenticating, the user can automatically log in each time the service is used based on the user information stored during authentication. First, the gateway system accepts a mobile telephone number for the user who wants to receive service from the server from the wireless communication system. The gateway system receives the member ID and password for the server from the user's wireless terminal and inquires the server. If the member ID and password are correct, the gateway system receives the virtual password generated for the user along with the member ID of the user. It is. The gateway system notifies the wireless terminal that the service use authentication is completed, and notifies the server that the service use authentication is completed so that the mobile phone number, the member ID, and the virtual password of the user are stored in the server. It will be stored in the storage means of. If the user later wants to access the server using a wireless terminal, the gateway system performs an automatic login procedure using the stored member ID and virtual password.

More generally, the authentication mediating method of the present invention can be said to be implemented in a system that can be at least selectively connected to a predetermined server providing a service for a user logging in by entering an ID and password. The system accepts the user's personal information to determine whether it is correct, and if the personal information is correct, notifies the server that service use authentication is completed, and allows a virtual password, which is separately provided in addition to the user's ID and password, to be stored in the server. The mobile telephone number, the ID and the virtual password of the user are stored in predetermined storage means. If the user later wants to access the server using a wireless terminal, the system performs an automatic login procedure using the ID and the virtual password stored in the storage means.

In one embodiment, the service may be an Internet mail service. In such a case, when the system is notified of the arrival of the mail from the server, the system generates a short message including the mail arrival notice as a body and including its address in the callback URL, and transmits it to the user's wireless terminal. When the wireless terminal connects using a callback UE, the system provides the server with the ID and virtual password stored in the storage means so that the wireless terminal automatically logs in to the server.

Hereinafter, with reference to the accompanying drawings will be described in detail a preferred embodiment of the present invention.

1 shows a network environment of an e-mail gateway (G / W) system according to a preferred embodiment of the present invention. The e-mail G / W system 40 is connected to a plurality of mail servers 60a to 60e, and when the mail is received by the mail server where the user has an account, the mail arrives in a short message through the wireless telephone network 20. The user can log in to the mail server and check the contents of the mail stored in his or her message archive. In one embodiment, each mail server (60a ~ 60e) is a server system that provides a webmail service to the members of each of the Internet portal operators in advance, so that the email G / W system 40 The gateway functions as a gateway that allows a plurality of mail servers to service through a wireless network. However, some of the mail servers 60a to 60e may provide a mail service based on an e-mail protocol instead of a webmail service, and on the other hand, may be operated by a non-Internet portal service provider.

In the radiotelephone network 20, a radio base station 22 is connected to a plurality of base stations 24 for relaying calls transmitted and received between the radio terminal 10 and the exchange 22. The radiotelephone network 20 includes a plurality of wireless exchanges connected hierarchically, but only one exchange is shown for simplicity. In addition, the WAP gateway 28 is connected to the wireless switch 22 through an interworking function 26. The IWF 26 is a gateway that allows a wireless communication network and a wired communication network to be connected. Since the device is well known to operators in the wireless communication field, detailed description thereof will be omitted. The WAP gateway 28 performs the function of converting the HTTP protocol stack into the WAP protocol stack and conversely converting the WAP protocol stack into the HTTP protocol stack. Meanwhile, a wireless portal server (not shown) for providing a wireless Internet service is directly connected to the WAP gateway 28 via a WIG 36 described later.

On the other hand, the short-term service center (SMSC) 30 for providing a short message service is connected to the wireless switch 22, and at least one short-service server (SMSS) 32 is connected to the short service center 30 again. The short message service center 30 is connected to the switch 22 by a common line (SS No. 7) signal system to store and transmit a short message transmitted and received by each terminal user, and the short service server 32 is connected to an external network. Perform the interlock function of.

The email G / W system 40 is connected to the WAP gateway 28 via a wireless interface gateway (WIG) 36. In addition, the email G / W system 40 is connected to the SMSS 32 either directly or via the WIG 36 or a separate short gateway server (SMS G / W). In this state, when the mail server 60a to 60e notifies the user who applied for the mail arrival notification service according to the present embodiment that the mail has been received, the e-mail G / W system 40 passes through the SMSS 32. A short message is sent to the corresponding user to inform the arrival of the mail. The short message includes a callback URL so that the user can access the e-mail G / W system 40 through the wireless Internet by the WAP. Thus, the user can easily access the e-mail G / W system 40 by pressing the "call" button on the terminal after receiving the short message.

When the user's wireless terminal 10 is connected, the e-mail G / W system 40 requests the newly provided mail contents from the mail server to be transmitted to the user's wireless terminal 10. After checking the e-mail contents, the user may terminate the session or go to the upper menu and receive a service similar to receiving a mail service using a wired client. In this way, when the user's wireless terminal 10 accesses the mail server via the e-mail G / W system 40, the user does not need to input an ID and a password separately. Is processed.

In a preferred embodiment, the mail arrival notification and the application for using the mail transmission / reception service (hereinafter referred to as "mobile messaging service") on the wireless Internet may be made through the wired Internet in a state in which the mail server system is registered in advance. It may be done through the wireless Internet. 2 shows a process in which the e-mail G / W system 40 mediates the authentication when an application for using a mobile messaging service is made through the wired Internet. FIG. 3 systematically shows the configuration of CGI (Common Gateway Interface) programs and web pages included in the e-mail G / W system 40 to perform an authentication-mediated task, and FIGS. 4A to 4F are service request applications. And examples of the user interface in the authentication process. 3 to 4F, the authentication process of FIG. 2 will be described.

The user first logs in through a wired client to a mail server 60a to 60e having completed an account registration in advance (step 100). If the user wants to use the mobile messaging service, the user clicks on the "service application request" button displayed on the screen while logged in (step 102). The mail server 60a to 60e receiving the application for use redirects the connection to the e-mail G / W system 40. At this time, parameters such as a member ID, a virtual password, a mail server identifier, and the like are transmitted through the HTTP argument transfer method. In step 104, the GET or the POST is transmitted together. For example, the form of the HTTP request transmitted at this time may have the following form, for example.

http://wmg.nate.com/cgi-bin/reg_start.cgi?UserID=344&VenCd=L01&UserPW=740861234567

Here, UserID represents a member ID, VenCd represents a mail server identifier, and UserPW represents a virtual password. As described below, the virtual password is maintained by the mail server and the wireless communication system so that the member can automatically log in when the member accesses the mail server through the wireless Internet. In addition to the password used by the mail server.

The user registration start CGI program (reg_start.cgi, 150) called by the above HTTP request determines whether the corresponding user is already registered. If registered, the mail filtering set / disable page 152 is provided to the user's wired client. An example of the mail filtering set / disable page 152 is shown in FIG. 4A. On this web page, the user can set mail filtering or service time. On the other hand, if the user is not registered, the service subscription page 154 is provided to the wired client of the user (step 106). An example of service subscription page 154 is shown in FIG. 4B. In this embodiment, the service subscription page 154 is provided with an input window for inputting two items, a mobile phone number and a social security number.

When the user enters the mobile phone number and social security number and clicks the "confirmation" button, the mobile phone number and social security number are transferred to the authentication CGI program 156 (step 108). The authentication CGI program 156 inquires whether the mobile phone number and social security number are correct from the subscriber DB 38 of the wireless telephone network, either directly or via the WIG 36 or other server (step 110). If the mobile phone number and social security number entered by the user are incorrect, the authentication failure guide page 158 is provided to the user client. An example of the authentication failure guide page 158 is shown in FIG. 4C. However, if the mobile phone number and social security number entered by the user are correct, the authentication key input page 160 is provided to the user client while the authentication key is transmitted to the user's wireless terminal through a short message (step 112). An example of the authentication key input page 160 is shown in FIG. 4D.

Accordingly, the user inputs the authentication key included in the short message into the authentication key input page 160 and clicks the "OK" button to apply for authentication (step 114). Authentication Key Verification The CGI program 162 accepts and verifies the authentication key input by the user. If the authentication key entered by the user is incorrect, an authentication failure / re-entry request page 164 as shown in Fig. 4E is provided to the client and displayed. However, if the authentication key input by the user is correct, the subscription success page 166 as shown in Fig. 4F is provided to the client and displayed (step 116). At this time, a short message may also be sent to the wireless terminal, "Thank you for signing up for the service."

When the use application authentication is completed as described above, the e-mail G / W system 40 provides the member ID and the virtual password to the mail servers 60a to 60e and the wireless telephone network subscriber DB 38 to use the service for the member. The application is notified that the authentication is completed (steps 118 and 120). The mail server 60a to 60e and the wireless telephone network subscriber DB 38 store a virtual password for the user and automatically log in when the user wants to use the mail service through the wireless Internet as described below. Do it.

5 shows a process in which the e-mail G / W system 40 mediates the authentication when the mobile messaging service request is made through the wireless Internet.

The user first accesses the wireless portal server operated based on the wireless telephone network 20 interworking with the e-mail G / W system 40 using the wireless terminal 10 (step 200). The wireless portal server includes the mobile messaging service menu described above at the top menu node or at the 1-2 depth submenu node. After the user selects this menu, the user selects a "service use application" item set as a submenu (step 202). Next, the wireless portal server requests the user to input the resident registration number, and if the user enters the resident registration number, the wireless portal server checks whether the resident registration number input from the subscriber DB 38 is correct (step 204).

If the social security number entered by the user is correct, the wireless portal server redirects the connection to the e-mail G / W system 40, wherein the mobile phone number of the user is provided together (step 206). . Here, the mobile phone number may not be provided directly from the wireless portal server but may be provided by the WIG 36. In the state of being connected to the wireless terminal 10, the e-mail G / W system 40 has completed the membership registration to the user in advance and has an account and wants to use the mobile messaging service 60a to 60e. It is required to enter the member ID and password of the (step 208). When the user inputs and transmits the member ID and password (step 210), the e-mail G / W system 40 inquires the mail server system whether the entered member ID and password are correct (step 212).

If the member ID and password are correct, the mail server system generates a virtual password for the member and transmits it to the e-mail G / W system 40 together with the member ID (step 214). Accordingly, the use application authentication is completed. When the use application authentication is completed, the e-mail G / W system 40 provides a guide message indicating that the user has successfully subscribed to the wireless terminal (step 216). In addition, the e-mail G / W system 40 provides the member ID and the virtual password to the mail servers 60a to 60e and the wireless telephone network subscriber DB 38 to notify that the service use application authentication for the member is completed. (Step 218, step 220). The mail server 60a to 60e and the wireless telephone network subscriber DB 38 store a virtual password for the user and allow the user to log in automatically when the user wants to use the mail service through the wireless Internet.

Next, a process of providing a mobile messaging service to a user who is applying for service use as described above will be described.

Figure 6 shows the progress of the mail arrival notification service of the mobile messaging service. First, when the mail server system receives a mail delivered to a user who applied for service use (step 300), the mail server system notifies the user of the mail to the e-mail G / W system 40 that the mail has been received. Step 302). In this case, data on a reception time, a sender, and a title are provided together. When notified of the mail reception, the electronic mail G / W system 40 generates a short message for notifying the reception of the mail and transmits it to the wireless terminal (step 304). An example of a mail receipt notification short message is shown in FIG. 7A. As shown, the short message displays the reception time, the sender, and the mail subject, and includes a guide phrase indicating that the one-touch connection is possible by the "call" button. Accordingly, the user determines the need for access immediately based on the sender and the mail subject, and then determines whether to access (step 306).

If the user does not press the "call" button in step 306, the mail arrival notification service is thereby terminated. However, when the user presses the "call" button in step 306, the wireless terminal is connected to the e-mail G / W system 40 by the Callback URL included in the short message (step 308). When the wireless terminal is connected, the e-mail G / W system 40 determines whether the wireless terminal user is a service registered user with reference to the subscriber DB 38 (step 310). If it is determined in step 310 that the user is not registered, the call message is terminated after the guide message is provided.

However, when it is determined that the user is registered in step 310, the e-mail G / W system 40 presents the member ID and virtual password of the user to the mail server system and brings the received message to the user account (see Step 312). In this case, the message serial number may be included in the data and the callback URL transmitted and received between the e-mail G / W system 40 and the mail server system in case a plurality of e-mails are delivered adjacent in time. On the other hand, since the login is automatically processed by the member ID and virtual password stored in the subscriber DB 38 and the mail server system in this way, the user does not need to enter a member ID and password separately in order to access the mail server system. do. While the e-mail G / W system 40 retrieves the message from the mail server system, the wireless terminal may be provided with a message such as "Login. Please wait."

The message received from the mail server is processed in the form of Wireless Markup Language (WML) and provided to the wireless terminal by the WAP (step 314). In a preferred embodiment, the full email is displayed on the terminal display. 7B shows an example of a form in which an e-mail is displayed on a wireless terminal. The wireless terminal displays the mail subject, reception date and time, sender and mail body. When the length of the mail body is long, the user can read the entire mail body by scrolling up and down using the jog or arrow buttons of the terminal. On the other hand, the user can continuously move to the upper-level menu by pressing, for example, the "menu" button on the terminal. For example, in the screen of FIG. 7B, once the "Menu" button is pressed, the mail list stored in the inbox of FIG. 7C is displayed, and when the button is pressed twice, the upper menu of FIG. 7C is displayed. On the other hand, the user may go directly to the menu screen of FIG. 7D by pressing, for example, the "OK" button on the terminal in the screen of FIG. 7B. Each time the user makes a menu selection, the e-mail G / W system 40 requests and accepts a menu or content of the corresponding menu node from the mail server system, and stores the same in the wireless terminal.

6 and 7a to 7d, after receiving an e-mail notification short message as described above with reference to the callback URL, the user does not rely on the callback URL based on a menu provided by the wireless portal server. The mobile messaging service can be used by connecting to the e-mail G / W system 40 without the need. Such service provision may be easily implemented by those skilled in the art based on the above description, and thus detailed description thereof will be omitted.

Those skilled in the art to which the present invention pertains will understand that the present invention can be implemented in other specific forms without changing the technical spirit or essential features. For example, in the above-described embodiment, the e-mail G / W system 40 mediated service authentication between the mail server and the wireless communication network and viewed the message storage box, but these procedures may be performed directly by the mail server. . For example, when only a few mail servers provide a mail service through the wireless Internet, each mail server may be separately linked to a wireless communication network to authenticate a service and directly provide a message viewing service.

On the other hand, in the embodiment described above, the e-mail G / W system 40 takes the entire e-mail body from the mail server at once and provides it to the wireless terminal. However, in the embodiment in which this embodiment is modified, the length of the e-mail body is changed. In the long run, only a certain amount of data can be imported and provided. In addition, according to the user's request (for example, every time the "call" button is pressed), the mail body may be provided in a predetermined data unit so that the user may refer to the mail body as many times as necessary. In this case, the number of packets transmitted and received through the wireless Internet can be reduced, thereby reducing the usage fee when charging the packet unit.

On the other hand, in the above description, the content providing server, such as a mail server system, generates a virtual password for automatic login, but may be generated by an e-mail G / W system or a wireless communication network operator. Such embodiments will be omitted by those skilled in the art based on the above description and the accompanying drawings. On the other hand, in the above description, the e-mail G / W system 40 is described separately from the wireless communication system, but the e-mail G / W system 40 may be operated by a wireless communication provider, It may be incorporated into a communication system and implemented, for example, in a wireless portal server. Therefore, in the above description and the claims to be described later, the term "wireless communication system" should be understood as referring to a functionally excluded portion of the G / W system described above among wireless telephone network and wireless internet related systems operated by a wireless communication service provider. Should be.

On the other hand, the above description has been described a preferred embodiment of the present invention with a focus on the mobile messaging service including the mail receiving notification, the present invention is not limited to this, as well as other services provided based on the membership system in the wired Internet as well It can be applied to a variety of pure wireless Internet services.

Therefore, the above-described embodiments are to be understood as illustrative in all respects and not as restrictive. The scope of the present invention is shown by the following claims rather than the detailed description, and all changes or modifications derived from the meaning and scope of the claims and their equivalents should be construed as being included in the scope of the present invention. do.

As described above, in the present invention, when a user who is a member of a server system that provides a service on a wired Internet wants to use a service of the server system through a wireless Internet using a wireless terminal, the user may initially apply for service use. Only one authentication is done at a time, allowing you to log in automatically every time you use the service. In particular, an application for service use can be made through wired or wireless Internet. Since information stored in the subscriber DB of the server system or wireless telephone network can be used for authentication, information to be input is greatly simplified. In other words, it is not necessary to enter auxiliary information such as an address or an e-mail address, and when applying for service through a wired Internet, a member ID and password for the server system are supplied by the server system. The burden of input is reduced, and when applying for service use through the wireless Internet, information such as mobile phone number is supplied from the subscriber DB of the wireless telephone network so that it is not necessary to input it.

As a result, the burden on information input is reduced at the time of initial application for use of the service, and automatic login is possible at a later use of the service. Access to the server system is facilitated. In addition, from the perspective of Internet portal operators or other content providers, integrated services through the interworking of wired and wireless Internet can be facilitated and service demand can be increased.                     

On the other hand, by creating and using a virtual password separately from the password used for manual login as the password used for automatic login, it can reduce the risk of personal information leakage and the possibility of unauthorized login by others and reduce the user's concern about it. Will be.

Claims (5)

A member is connected to an external server that provides an e-mail service to a user based on a wired Internet based on a member ID and password, has a predetermined storage means, and can access the user's wireless terminal through a wireless communication network. In the gateway system for mediating the authentication between the wireless terminal and the external server to receive the e-mail service provided by the external server using the wireless terminal, (a) storing, in the storage means, together with the ID, a virtual password that is given separately from the password and that the external server stores separately from the password; (b) accepting a received mail confirmation request from the user's wireless terminal through the wireless communication network; (c) confirming the user and transmitting the ID and virtual password stored in the storage means to the external server for the user, such that the external server authenticates the user by the received ID and virtual password. step; And (d) accepting received mail information of the user from the external server and transmitting the received mail information to the wireless terminal of the user; E-mail service authentication parameter comprising a. The method of claim 1, wherein in the step (a), the ID and the virtual password are received from the external server and stored in the storage means. The method of claim 2, wherein step (a) Receiving the user's ID and password from the wireless terminal and transmitting the ID and password to the external server; And E-mail service authentication mediating method for storing the ID and the virtual password from the external server in the storage means. The method according to any one of claims 1 to 3, Step (b) (b1) receiving a notification from the external server that the mail has arrived; And (b2) generating a short message including a mail arrival notice as a body and including the address of the system in a callback UE, and transmitting the short message to the wireless terminal of the user; Including, In the step (c), when the wireless terminal connects using the callback UE, the external server may authenticate the user by providing the ID and the virtual password stored in the storage means to the external server. Mail service authentication parameter method. delete

Images